On 4/25/06, Greg KH <greg@xxxxxxxxx> wrote: > On Tue, Apr 25, 2006 at 02:32:00AM +0530, Gaurav Dhiman wrote: > > Here is more on it ..... the actual technical reason, why it did not > > work as expected on Linux Kernel. > > > > Have a look: > > http://software.newsforge.com/article.pl?sid=06/04/18/1941251 > > Note that this is now fixed so the virus will "work" on the latest > 2.6.16-stable kernel release :) Hi Greg, Can you explain in bit detail, what was happening earlier. I got some idea that the register value was changed by Assembly code generated for sys_ftruncate() by GCC, but how it was not allowing the virus to act. Also do explain if you know what virus was intented to do. Also please put some light, can sytem call be invoked by some other mechanisum also other than int 0x80 ? (as mentioned in this or some other articles). I am in impression that system call can be done through only one entry of IDT and that is 0x80th entry, am I wrong ? Gaurav > > thanks, > > greg k-h > -- -- -Gaurav Email: gauravd.chd@xxxxxxxxx --------------------------------- Read my blog at: http://lkdp.blogspot.com/ --------------------------------- -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
