Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

On Tue, 01 Apr 2003 13:57:10 EST, Phillip Hofmeister writes:
>Assuming an intruder made his way in with root privs couldn't he also
>modify /dev/kmem or directly access the kernel memory by some other
>means?  I believe this topic has also been discussed in the past (dig
>deep into the archives) and it was concluded that not allowing modules
>to be loaded does not really protect you from your kernel being
>modified at run-time.

Not allowing modules to be loaded doesn't protect you in much the same
way as a solid oak door with a 1" deadbolt doesn't make your house

Security isn't an absolute all-or-nothing thing.

More difficult to exploit == more secure.
Less difficult to exploit == less secure.

Good security design is about making it "more secure".  You don't try
to make it completely secure, because that's impossible(*).  You just make
it more and more secure, until it is secure enough for the expected

Somebody with a chainsaw, welding torch, and/or lots of explosives can
break into my house, even with my solid oak door.  I don't use this as
an excuse to not bother locking my door.

    --- Wade

*Some people think that a computer with no network or power at the
bottom of a well that's been filled with concrete is secure.  I don't
think so, I think that it's just going to take a little digging before
a cracker can break into it.

