Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]

To: Dariush Pietrzak <eyck@forumakad.pl>
Cc: debian-security@lists.debian.org
Subject: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
From: Tim Nicholas <tim@nicholas.net.nz>
Date: Wed, 2 Apr 2003 21:23:48 +1200
Message-id: <[🔎] 20030402092347.GA4171@nicholas.net.nz>
Mail-followup-to: Tim Nicholas <tim@nicholas.net.nz>, Dariush Pietrzak <eyck@forumakad.pl>, debian-security@lists.debian.org
In-reply-to: <[🔎] 20030402074651.GB19978@forumakad.pl>
References: <3E883C67.3020807@simicro-internet.mg> <20030331134931.GA7092@mood.ritram.it> <[🔎] 3E89761A.60609@simicro-internet.mg> <[🔎] 20030401133615.GA17185@mood.ritram.it> <[🔎] 20030401133017.GA28537@vnl.com> <[🔎] 20030401165306.GA2958@melina.ds14.agh.edu.pl> <[🔎] 20030401174928.GA16302@moskovskaya> <[🔎] 20030401194338.GA19978@forumakad.pl> <[🔎] 20030402061354.GD16645@keitarou.bubblesworth.net> <[🔎] 20030402074651.GB19978@forumakad.pl>

On Wed, Apr 02, 2003 at 09:46:52AM +0200, Dariush Pietrzak wrote:
> > of proportion... Some things in security _have_ to be obscure. Your
> > password, for example. Or the primes used to generate your PGP private
>  There's a difference between 'obscure' and 'secret'.

This is true.

> All you gain by removing kernel-loading capability from your kernel is to
> force cracker to search memory to find entry points.
>  That's like hiding key to your door under your doormat.

Thats not true. Or rather if it is, then using the key is
considerably harder than simply opening the door (which would be
equivalent of having module support using your metaphor).

But disabling module support isn't obscuring anything, its genuinely
changing the system. The attacker is in fact going to have to do
something different and more difficult to modify the kernel. 
You seem to be saying that if there is one way of achieving a
security breach, then you shouldn't bother stopping other ways of
achieving the same result. This is clearly ridiculas.

Yours, 

Tim

-- 
Tim Nicholas                          ||                      Cilix
Email: tim@nicholas.net.nz            ||    Wellington, New Zealand
http://tim.nicholas.net.nz/           ||   Cell/SMS: +64 21 337 204
"Sir, I think you have a problem with your brain being missing."

Reply to:

References:
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: DouRiX <dourix-tech@simicro-internet.mg>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Maurizio Lemmo - Tannoiser <mizio@tenzione.it>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Dale Amon <amon@vnl.com>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Marcin Owsiany <porridge@debian.org>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: David Barroso <tomac@somoslopeor.com>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Dariush Pietrzak <eyck@forumakad.pl>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Paul Hampson <Paul.Hampson@anu.edu.au>
- Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
  - From: Dariush Pietrzak <eyck@forumakad.pl>

Prev by Date: Re: H323 Gateways
Next by Date: Re: H323 Gateways
Previous by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Next by thread: Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
Index(es):
- Date
- Thread