User: Password:
|
|
Subscribe / Log in / New account

A rootkit dissected

A rootkit dissected

Posted Nov 23, 2012 1:18 UTC (Fri) by BenHutchings (subscriber, #37955)
In reply to: A rootkit dissected by PaXTeam
Parent article: A rootkit dissected

Kernel modules can use, abuse or bypass any interface, exported or not. But run-time installable LSMs would be so much more convenient to the rookit author.


(Log in to post comments)

A rootkit dissected

Posted Nov 23, 2012 1:25 UTC (Fri) by PaXTeam (guest, #24616) [Link]

and what exactly prevents a normal module from posing as an LSM? nothing? ;)

A rootkit dissected

Posted Nov 24, 2012 0:12 UTC (Sat) by dpquigl (guest, #52852) [Link]

You're right absolutely nothing and with this proposed patch by the TOMOYO developer[1] It will become even easier.

[1]http://www.spinics.net/linux/fedora/linux-security-module...


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds