31 May
2000
31 May
'00
15:01
It seems that Kurt got a message that I haven't received (yet, though it's about 5 hours now after he sent it) Kurt Seifried wrote:
Experimenting with a firewall I compiled a monolithic kernel with masquerading and without loadable module support so as to make it impossible to subvert the kernel by a malicious module. I wondered about this too, but dont you need root-rights in order to load a kernel modul ?
Not always =) Also once you load a module (like say NARK, a kernel level
MfG Matthias
-Kurt
Root rights are obtaineable saidly. (Buffer overflow in a setuid root program)) Or sniffed from a telnet session from a _very_ ignorant sysadmin etc. BB, Arjen -- Sell what you use, use what you sell.