People, how much attention are you going to get to this topic with a subject line like "(forw)"?
On Monday, 12 July 1999 at 12:28:03 +0000, crypt0genic wrote: > > Have you all seen this? > To: bugt...@securityfocus.com > > Hi folks, > > THC released a new article dealing with FreeBSD 3.x > Kernel modules that can attack/backdoor the > system. > You can find our article on http://thc.pimmel.com or > http://r3wt.base.org. For those of us who *hate* incorrect or approximate URLs, try http://thc.pimmel.com/files/thc/bsdkern.html. > Greets, pragmatic / The Hacker's Choice On Monday, 12 July 1999 at 21:19:45 +0930, Mark Newton wrote: > Karl Pielorz wrote: > >> Yes, a nice, effective - and simply way of replacing syscall's on FreeBSD... >> Some might say a little too 'simple'? > > Garbage. You can do this on any OS, whether it supports loadable > modules or not, if you've managed to win sufficient privileges through > some other means. FreeBSD (and other OSs with loadable module support) > merely provides a well-defined API which, like almost every other well- > defined API, can be abused by those who harbor ill-will. > > Making the interface "complicated" does absolutely nothing to stop > script-kiddies: Once a complicated interface is in an exploit script, > who cares how arcane it is? In fact, the most interesting thing about this (rather large) document is that it's the best documentation I've seen on klds. I don't know why anybody would want to use it for compromising security, since it's a *lot* of work, and to even get as far as installing it you have to be root already, so you would have plenty of easier alternatives. Greg -- See complete headers for address, home page and phone numbers finger g...@lemis.com for PGP public key To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message