Re: /dev/nvram on my Celebris

David Luyer (luyer@ucs.uwa.edu.au)
Thu, 26 Nov 1998 12:01:46 +0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Adam Heath: "2.1.130pre3 compile probs initrd"
Previous message: David Luyer: "Re: The history of the Linux OS"

>
> On Tue, 24 Nov 1998, Johnny Tevessen wrote:
>
> > Quoting Riccardo Facchetti (fizban@tin.it):
>
> > Yes. So: Nobody sane working on a box that *might* be taken over
> > should enable such settings at compile time. He/she won't even
> > be able to reboot if someone became root (by a yet unknown
> > attack that might even pass a firewall).
>
> Considering it may be built as a module, I'd say it would be trivial to
> compile on the attacked box.

Quite easy to disable modules in the first place. However there's nothing
to stop the attacker compiling a new kernel and rebooting into it unless you
go to significant effort there too, and then it becomes a pain to quickly fix
a kernel problem which suddenly comes up.

David.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Adam Heath: "2.1.130pre3 compile probs initrd"
Previous message: David Luyer: "Re: The history of the Linux OS"