| |||||||||||
System calls and rootkitsSystem calls and rootkitsPosted Sep 13, 2008 8:05 UTC (Sat) by geertj (subscriber, #4116)Parent article: System calls and rootkits
> Without some kind of hardware enforcement (e.g. Trusted Platform Module) or locked-down virtualization, Linux is defenseless against attacks that run as root
SELinux is another technique that can protect against attacks that run as root.
(Log in to post comments)
System calls and rootkits Posted Sep 14, 2008 16:35 UTC (Sun) by spender (subscriber, #23067) [Link]
Yea, it worked great against that exploit I wrote that disabled SELinux.
Sorry, but once you compromise the kernel, SELinux is useless.
-Brad
System calls and rootkits Posted Sep 22, 2008 11:40 UTC (Mon) by robbe (guest, #16131) [Link]
> that exploit I wrote that disabled SELinux.
URL?
> Sorry, but once you compromise the kernel, SELinux is useless.
Nobody will argue that. Not that your parent post talks about "running as
System calls and rootkits Posted Sep 22, 2008 20:49 UTC (Mon) by nix (subscriber, #2304) [Link]
If you're root there are a simply enormous number of ways to compromise
the kernel or DoS the box to its knees. Maybe SELinux will eventually be able to plug them all but it's not there yet.
(I saw one product for Solaris many years ago whose salesman claimed that
|
|||||||||||