User: Password:
|
|
Subscribe / Log in / New account

The TALPA molehill

The TALPA molehill

Posted Aug 8, 2008 9:38 UTC (Fri) by jcm (subscriber, #18262)
Parent article: The TALPA molehill

So I'm running malware-list for these guys and I'll be sorting out the lack of public indexing
- it's not intentional, it's just a fact that I'm travelling this week and can't fix the
mailman setup until next week.

When I was looking at this problem (before cunningly handing it off to Eric :P) my main
concern was trying to do away with the hacks - especially syscall table hacks (which these
days not only have to unprotect the table, but deal with relocatable kernel issues) - and have
something more pragmatic. No "solution" can ever guarantee that bad bits aren't getting into
the system - you can mmap a file and feed "bad" bits into it that other applications will see
but cunningly arrange for the file to seem ok on open/close, and other things. But a small
hook is hardly a big deal for the kernel especially if there's no overhead for those who don't
use it.

The alternative would seem to be that vendors end up being pressured into taking patches into
Enterprise kernels that are disjoint from upstream.


(Log in to post comments)

The TALPA molehill

Posted Aug 8, 2008 9:45 UTC (Fri) by jcm (subscriber, #18262) [Link]

The public indexing should be working properly now.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds