Re: Why Ext2/3 needs immutable attribute?
From: Xin Zhao
Date: Sun Apr 17 2005 - 18:52:34 EST
We can certainly harden the system, but sometime the vulnerability in
kernel is hard to detect and protect. For example, the brk()
vulnerablitiy found in Linux kernel. All the security mechanisms you
mentioned have to rely on a healthy kernel. Unfortunately, the kernel
itself could be compromised too. Although it could be very difficult,
thereotically speaking, any kernel level protection, including
SELinux, could be disabled after the kernel is compromised. Am I
missing some points here?
On 4/17/05, Bernd Eckenfels <ecki@xxxxxxxxxxxx> wrote:
> In article <4ae3c140504170912b36e9b1@xxxxxxxxxxxxxx> you wrote:
> > Yes. I know, with immutable, even root cannot modify sensitive
> > files. What I am curious is if an intruder has root access, he may
> > have many ways to turn off the immutable protection and modify files.
>
> If you secure your system correctly (i.e make /dev/*mem imutable, disalow
> module loading, restrict io... (and I admit it is quite complicated to find
> all holes and secure it correctly without additional ptches like SELinux))
> then even root cant gt arround immutable or append only (without rebooting).
>
> Greetings
> Bernd
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/