BugTraq
Unprivilegued settings for FreeBSD kernel variables Jun 15 2004 06:42AM
Radko Keves (rado unitra sk) (3 replies)
Re: Unprivilegued settings for FreeBSD kernel variables Jun 18 2004 05:08PM
Jason V. Miller (jmiller securityfocus com)
Re: Unprivilegued settings for FreeBSD kernel variables Jun 17 2004 11:28AM
Manuel Bouyer (bouyer antioche eu org) (2 replies)
Re: Unprivilegued settings for FreeBSD kernel variables Jun 18 2004 09:27PM
Valdis Kletnieks vt edu (1 replies)
Re: Unprivilegued settings for FreeBSD kernel variables Jun 19 2004 09:38PM
wietse porcupine org (Wietse Venema)
Valdis.Kletnieks (at) vt (dot) edu [email concealed]:
-- Start of PGP signed section.
> On Thu, 17 Jun 2004 13:28:59 +0200, Manuel Bouyer said:
> > On Tue, Jun 15, 2004 at 08:42:23AM +0200, Radko Keves wrote:
> > > [...]
> > >
> > > AFFECTED DISTRIBUTIONS:
> > > FreeBSD 5.x i386
> > > FreeBSD, OpenBSD, NetBSD is most likely also affected (investigation needed)
> >
> > NetBSD is not, a LKM can't be loaded if securelevel is > 0.
>
> Note *very* carefully the fact that the statement "you can't load a LKM" is not
> totally identical to "you can't cause an LKM to be in the kernel".
>
> Hunt down the Phrack article on loading an LKM into a Linux kernel *that
> doesn't even have module support*, and ask yourself if you're quite as sure
> that there is *zero* vulnerability there....

FYI, with BSD securelevel > 0, you can't poke a module into the
kernel via /dev/*mem, so this Linux loading method won't work.

Likewise, write access to mounted devices is forbidden. Without
such restrictions, securelevels would be pretty much meaningless.

For more details, please see "man securelevel" or equivalent.

Wietse

[ reply ]
Re: Unprivilegued settings for FreeBSD kernel variables Jun 18 2004 08:25PM
Henning Brauer (hb-bugtraq bsws de)
Re: Unprivilegued settings for FreeBSD kernel variables Jun 15 2004 07:01PM
des des no (Dag-Erling Smørgrav) (2 replies)
Re: Unprivilegued settings for FreeBSD kernel variables Jun 17 2004 02:33PM
Eygene A. Ryabinkin (rea rea mbslab kiae ru) (2 replies)
Re: Unprivilegued settings for FreeBSD kernel variables Jun 18 2004 06:01PM
Christian Ullrich (chris chrullrich de)
Re: Unprivilegued settings for FreeBSD kernel variables Jun 18 2004 05:18PM
Jason V. Miller (jmiller securityfocus com)
Re: Unprivilegued settings for FreeBSD kernel variables Jun 17 2004 09:14AM
Ivaylo Kostadinov (ivaylo kostadinov computing-services oxford ac uk)


 

Privacy Statement
Copyright 2010, SecurityFocus