| |||||||||||||
Making distribution files readable only by root is pointlessMaking distribution files readable only by root is pointlessPosted Mar 28, 2013 0:04 UTC (Thu) by nix (subscriber, #2304)In reply to: Making distribution files readable only by root is pointless by dvdeug Parent article: KASLR: An Exercise in Cargo Cult Security (grsecurity blog)
The bot wouldn't do it. The author of the bot would do it, and embed the appropriate offsets in the bot.
(Log in to post comments)
Making distribution files readable only by root is pointless Posted Mar 29, 2013 11:06 UTC (Fri) by madscientist (subscriber, #16861) [Link]
If the offsets are embedded in the bot rather than dynamically discovered then the bot begins to go obsolete the minute a new kernel update is released... which happens pretty often. Changing permissions might not be a huge benefit but it is SOME benefit, and with virtually zero cost. I'm not sure this particular change warrants being called out as an example of useless security gestures.
Making distribution files readable only by root is pointless Posted Mar 29, 2013 12:02 UTC (Fri) by spender (subscriber, #23067) [Link]
If everyone's done with their armchair theorizing about why the feature isn't just pointless obfuscation for distributions and doesn't provide a false sense of security due to its complete lack of qualifications for efficacy, I'd like to point out the existence of https://github.com/jonoberheide/ksymhunter since 2011. The thing about techniques like these is they only have to be written once.
-Brad
Making distribution files readable only by root is pointless Posted Mar 29, 2013 23:07 UTC (Fri) by etienne (subscriber, #25256) [Link]
Are you saying that, for security reasons, we shall all have *another* kernel with that name in that directory?
|
|||||||||||||