Bugtraq mailing list archives

Re: Re[2]: snooper watchers

From: karl () bagpuss demon co uk (Karl Strickland)
Date: Thu, 2 Mar 1995 17:15:59 +0000 (GMT)

Modifying running kernels isn't all that hard.

Doesnt 'how hard it is' depend on the modifications you're making?

On a typical BSD kernel finding suser() and altering the logic at that one
critical point is not hard. I've not tried sys5.4 and some BSD variants seem
to have it inlined now so its a bitch to do.


Yep hacking suser()'s idea of root's uid is an example of a trivial
modification, thats trivial to do.  What the other guy was on about - loading
new (non-loadable, obviously) modules into a running kernel is distinctly
non-trivial in comparison; hence my point that it depends on the mods you're
making.  Thats whay Im interested to hear the two ways.
-- 
------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD               |                    Karl Strickland
PGP 2.3a Public Key Available.            | Internet: karl () bagpuss demon co uk
                                          |

Current thread:

Re: Re[2]: snooper watchers fast forward futurama (Mar 01)
- Re: Re[2]: snooper watchers System Administrator (Mar 02)
- Large security hole in SGI IRIX 5.2 Larry Glaze (Mar 02)
  - Re: Large security hole in SGI IRIX 5.2 Christian A. Ratliff (Mar 03)
    - Re: Large security hole in SGI IRIX 5.2 Larry Glaze (Mar 03)
    - Re: Large security hole in SGI IRIX 5.2 Dave Schweisguth (Mar 03)
    - Re: Large security hole in SGI IRIX 5.2 Dave Schweisguth (Mar 03)
    - Re: Large security hole in SGI IRIX 5.2 Software Test Account (Mar 07)
    - Re: Large security hole in SGI IRIX 5.2 Steve Robbins (Mar 10)
- <Possible follow-ups>
- Re: Re[2]: snooper watchers F. L. Charles Seeger III (Mar 01)
- Re: snooper watchers der Mouse (Mar 01)

(Thread continues...)