Re: The disappearing sys_call_table export.

Chuck Ebbert (76306.1226@compuserve.com)
Fri, 9 May 2003 05:43:20 -0400


Terje wrote:

> Is there any reasonable way to be able to do modify a running kernel
> like this? I assume I can't count on the method from Phrack working
> forever...

The Phrack method involves following int 0x80 and then looking for
an instruction in the syscall code that points to the table. (Check the
archives for pt_fix.c that I posted about a month ago.) Note that it's
trivial to break this too; I planned to post a patch to do just that
but never got around to it...

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/