1) how is going Andre's patch to protect from the case where
the malicious user compiles a kernel module (or recompiles the kernel),
eliminating his patch.
As far as i can understand the patch would work only if the malicious
user gaining rood can't compile a kernel module or get a fresh kernel
source rebuild it without the patch and run it. that is no kernel-source,
no compilers, no ftp access to download compilers and kernel source, or
pre-compiled modules.
The only case where it would help would be to prevent some buffer overflow
to a root process or some trojan horse to do the dirty job automatically.
- enrico
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/