Re: How to fix the ptrace flaw without rebooting

Nuno Silva (nuno.silva@vgertech.com)
Fri, 04 Apr 2003 07:19:20 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Pete Zaitcev: "Patch for show_task"
Previous message: Andrey Panin: "[PATCH] visws framebuffer driver needs mm.h"

Hello!

Erik Hensema wrote:
>
> If you can't reboot to apply a security fix, you've got a serious problem.
>
> A better fix in a running system is to simply disable dynamic module
> loading: echo /no/such/file > /proc/sys/kernel/modprobe
> At the very least you can be sure your machine won't crash this way ;-)
>

IIRC, dynamic module loading is not required to exploit all the bugs
present in ptrace. Luckly all the exploits floating around require kmod :)

Regards,
Nuno Silva

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pete Zaitcev: "Patch for show_task"
Previous message: Andrey Panin: "[PATCH] visws framebuffer driver needs mm.h"