Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

To: debian-security@lists.debian.org
Subject: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
From: David Barroso <tomac@somoslopeor.com>
Date: Tue, 1 Apr 2003 23:42:46 +0200
Message-id: <[🔎] 20030401214246.GA17485@moskovskaya>
In-reply-to: <[🔎] 20030401194338.GA19978@forumakad.pl>
References: <3E883C67.3020807@simicro-internet.mg> <20030331134931.GA7092@mood.ritram.it> <[🔎] 3E89761A.60609@simicro-internet.mg> <[🔎] 20030401133615.GA17185@mood.ritram.it> <[🔎] 20030401133017.GA28537@vnl.com> <[🔎] 20030401165306.GA2958@melina.ds14.agh.edu.pl> <[🔎] 20030401174928.GA16302@moskovskaya> <[🔎] 20030401194338.GA19978@forumakad.pl>

* Dariush Pietrzak (eyck@forumakad.pl) wrote:
> > One reason is security:
> > it's relatively easy for an intruder to install a kernel module based
> > rootkit, and then hide her processes, files or connections.
> isn't it security-by-obscurity?
> Determined hacker can still relatively easily insert code into kernel 
> (vide phreack magazine articles )

True, but not in a so-automated way and definetively more advanced
skills would be needed. It's not security-by-obscurity at all, it's only
one layer of basic protection.

Reply to:

References:
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: DouRiX <dourix-tech@simicro-internet.mg>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Maurizio Lemmo - Tannoiser <mizio@tenzione.it>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Dale Amon <amon@vnl.com>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Marcin Owsiany <porridge@debian.org>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: David Barroso <tomac@somoslopeor.com>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Dariush Pietrzak <eyck@forumakad.pl>

Prev by Date: anti-ptrace
Next by Date: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Previous by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Index(es):
- Date
- Thread