Re: /dev/mem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Rajat,

...snip...

> I will reiterate it again:
> 1. no system can be 100% secure, but we can try to be closure.
> 2. Writting a rootkit in kernel space could be 100 times harder compared to
> security attacks in user space for cases like where you can assess complete
> memory map.

Personally, I think it would be 100 times easier to write a rootkit in
kernel space compared to a security attack in user space.

There is no security once you're inside the kernel. You can do
anything. It's trivial to bypass any and all security put in place by
the kernel, because all of the security is designed to prevent users
from doing things they're not supposed not, not preventing other
kernel code from doing it.

To attack from user space, you have to find a loophole to get into
kernel space and do you your stuff. When you're in  kernel space
already, you can omit the first phase of the attack. The second phase
of the attack is identical once you're in kernel space.

-- 
Dave Hylands
Shuswap, BC, Canada
http://www.DaveHylands.com/

--
To unsubscribe from this list: send an email with
"unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
Please read the FAQ at http://kernelnewbies.org/FAQ



[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux