On Wed, Oct 27, 2010 at 02:24:06PM -0700, Dave Hylands wrote: > Hi Jonathan, > > On Wed, Oct 27, 2010 at 1:00 PM, Jonathan Neuschäfer: > > On Wed, Oct 27, 2010 at 03:40:29PM -0400, John Mahoney wrote: > >> --snip-- > >> > >> > 1. no system can be 100% secure, but we can try to be closure. > >> > 2. Writting a rootkit in kernel space could be 100 times harder compared to > >> > security attacks in user space for cases like where you can assess complete > >> > memory map. > >> > > >> > I think I am making my point more cleare now. > >> > > >> > > >> Basically, this boils down to the ancient debate of microkernel vs > >> monolithic kernel. In Linux all memory is accessible by root regardless of > >> /dev/mem. > >> > >> -- > >> John > > Via simple pointers? > > Yes - provided it hasn't been swapped out. > > There are a few exceptions for a few processors with segmented memory > and other funky stuff, but generally, all of the memory is accessible > from kernel space by the use of a simple pointer. > > -- > Dave Hylands > Shuswap, BC, Canada > http://www.DaveHylands.com/ This makes pointer bugs in the kernel especially nasty. :-) What John wrote confused me because I interpreted `by root' as `by any process running with UID zero'. -- Jonathan -- To unsubscribe from this list: send an email with "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx Please read the FAQ at http://kernelnewbies.org/FAQ
