On 22/06/06, Ryan McBride <[EMAIL PROTECTED]> wrote:
On Thu, Jun 22, 2006 at 01:04:00PM +0100, Constantine A. Murenin wrote:
> On 21/06/06, Joco Salvatti <[EMAIL PROTECTED]> wrote:
> >So the attacker could enter in single
> >user mode, without the need for the root password, and load a
> >malicious kernel module.
>
> The attacker cannot load a malicious kernel module on OpenBSD, because
> OpenBSD specifically does not support loadable kernel modules for good. :)
Oh yeah? I guess I must be imagining things when I start vmware :-)
anchovy<1>:~$ uname -a
OpenBSD anchovy.countersiege.com 3.9 GENERIC#58 i386
anchovy<1>:~$ modstat
Type Id Off Loadaddr Size Info Rev Module Name
DEV 0 29 e8d01000 0001 e8d01220 2 linuxrtc
DEV 1 30 e8d7b000 0005 e8d7f300 2 vmmon
DEV 2 31 e8dfa000 0002 e8dfbce0 2 vmnet
Oops. :) I guess I misunderstood
http://en.wikipedia.org/wiki/Comparison_of_open_source_operating_systems
where "Kernel type" refers solely to the provided kernel of the OS
itself, not of the OS features that may be (ab)used by some
third-party modules...