mailing list archives
Re: Analysis of Tribe Flood Network
From: mouse () RODENTS MONTREAL QC CA (der Mouse)
Date: Thu, 9 Dec 1999 16:44:09 -0500
[...], and that some people still haven't realized that a root
compromise means *total control* over the systems hard- and
Um, not quite - though admittedly pretty close. The main thing
cracking root doesn't get you is physical access. For example, if the
machine's only disk drive has its write-disable jumper in place, you
*can't* write to it, you *can't* trojan its executables, even if you
gained control of not only userland root but the kernel.
That's another thing root access doesn't give you - kernel control.
It's often a fairly short step, but not always.
including denial of service, automated compromising of other
machines, remote eavesdropping,
All true, assuming the kernel is willing to let root do those things.
There is no reason the kernel *has* to be willing to put the network
interface in promiscuous mode at all - indeed, it'd be fairly easy to
build a kernel that doesn't. And one box I've been considering putting
together wouldn't even have a userland to compromise; it's raison
d'etre (if and when) is going to be a particular form of packet
forwarding, wholly in-kernel. No root to crack!
Not that this should render anyone complacent, of course. A root
compromise is pretty serious, and on most machines having root *does*
give you everything you could want.
mouse () rodents montreal qc ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B