System calls and rootkits

Posted Sep 12, 2008 15:21 UTC (Fri) by cde (guest, #46554)
Parent article: System calls and rootkits

If Linux had been based on a micro-kernel design, getting a rootkit install would have proven more difficult (although not impossible), since the area to secure is much smaller. But at the beginning of the 90's few were thinking years ahead of the security issues that would arise...

to post comments

System calls and rootkits

Posted Sep 12, 2008 20:27 UTC (Fri) by giraffedata (guest, #1954) [Link]

If Linux had been based on a micro-kernel design, getting a rootkit install would have proven more difficult (although not impossible), since the area to secure is much smaller.

I guess you mean getting a rootkit to install into the kernel would be more difficult. But as there would be correspondingly more places than the kernel into which to install a rootkit, I don't think the overall ease of installing a rootkit would be any different.

Note that even with Linux as it exists, a decent rootkit need not touch the kernel.

Microkernels

Posted Sep 14, 2008 22:59 UTC (Sun) by mlankhorst (subscriber, #52260) [Link] (1 responses)

Hurd is based on a microkernel.. yet still no stable release in sight..
linux was more pragmatical and based it on minix

Microkernels

Posted Sep 15, 2008 0:47 UTC (Mon) by vonbrand (subscriber, #4458) [Link]

No, Linux is not based on Minix (which is a microkernel, by the way). Linux was written according to published Unix design.

This common misconception is due to Linus running Minix for 386 while developing Linux. Fortunately, when Linus fat-fingered and killed his Minix, Linux was already far enough along to fight it on its own.