> Is there any reasonable way to be able to do modify a running kernel
> like this? I assume I can't count on the method from Phrack working
> forever...
The Phrack method involves following int 0x80 and then looking for
an instruction in the syscall code that points to the table. (Check the
archives for pt_fix.c that I posted about a month ago.) Note that it's
trivial to break this too; I planned to post a patch to do just that
but never got around to it...
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/