OpenBSD 3.5: a peek at another free Unix
Posted May 6, 2004 7:37 UTC (Thu) by ekj
Parent article: OpenBSD 3.5: a peek at another free Unix
So, what stops the attacker who has gained root from, for example, unmounting the filesystem, change the flag in the filesystem by accessing the hd-partition directly, and then remounting the filesystem ? Doesn't even need to be hard, sounds rather simple to write a script that does this automatically.
Doesn't having to reboot for every trivial security-patch (as would probably be needed if you make /bin or any other big part of the tree immutable) get kinda annoying, especially where people depend on the services the box provide ?
to post comments)