Re: TO HELL WITH IT THEN......(re: disk-destroyer.c)

From: Stephen Frost (sfrost@ns.snowman.net)
Date: Mon Jul 24 2000 - 11:19:25 EST


On 24 Jul 2000, Shalon Wood wrote:

> Stephen Frost <sfrost@ns.snowman.net> writes:
>
> > So you fix the hole that is giving the abuser root.
>
> Defense in depth. Come on, it's a standard security principle. I have
> caught script kiddies before within 5 minutes of them cracking the
> system. Without this protection, that's plenty of time to turn a disk
> into a brick. If they are having to jump through hoops, that slows
> them down.

        Either he's got this prepared or he doesn't. It's *very*
unlikely he's going to sit on the machine and start coding C, even if
it would only take a few lines. If he has to compile something it isn't
going to make much difference if it's 10 lines or 100 lines of code.
Of course, then there's the issue that often the kiddies don't want to
take the machine down, and if they do, 5 minutes is plenty of time to
do enough damage to cause a couple of hours of repair work.
        There's a couple issues here. First is that this *isn't*
anything new. Second is that there is *no* way to completely fix it
and putting cruft in the kernel to try is silly and bloatful. The
hardware should be fixed. This is the same issue w/ old monitors
smoking because of funny refresh rates. New monitors fixed the
problem. Let's not fill the kernel with cruft that will never get
cleaned up.

                Stephen

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:16 EST