Hi Rajat, ...snip... > I will reiterate it again: > 1. no system can be 100% secure, but we can try to be closure. > 2. Writting a rootkit in kernel space could be 100 times harder compared to > security attacks in user space for cases like where you can assess complete > memory map. Personally, I think it would be 100 times easier to write a rootkit in kernel space compared to a security attack in user space. There is no security once you're inside the kernel. You can do anything. It's trivial to bypass any and all security put in place by the kernel, because all of the security is designed to prevent users from doing things they're not supposed not, not preventing other kernel code from doing it. To attack from user space, you have to find a loophole to get into kernel space and do you your stuff. When you're in kernel space already, you can omit the first phase of the attack. The second phase of the attack is identical once you're in kernel space. -- Dave Hylands Shuswap, BC, Canada http://www.DaveHylands.com/ -- To unsubscribe from this list: send an email with "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx Please read the FAQ at http://kernelnewbies.org/FAQ
