On Tue, Apr 26, 2011 at 09:49:25PM -0000, Kees Cook wrote:

> But because the symbols can be extracted in the way you point out is
> why the kernel image itself needs to be unreadable. This change is
> to block the class of attacks carried out by script kiddies and
> automated systems that expect to be able to look up symbols locally
> and make exploits totally portable to all kernel versions.
You didn't appear to understand the code that I wrote: it gets out the
symbols from any version of the kernel by simply reading the kernel
*runtime memory*. So the attacker now has two alternative methods:
(a) fire up a web browser or (b) inject shell code into the kernel which
greps through physical memory to find the symbol tables, and note method
(b) works with any kernel version without reference to the original
vmlinuz file.

> It changes the nature of future attacks, at least forcing attackers
> to take additional steps.

Yes, firing up a web browser or injecting an extra small piece of shell
code into the kernel.

--
https://bugs.launchpad.net/bugs/759725

Title:
  The kernel is no longer readable by non-root users