System calls and rootkits
System calls and rootkits
Posted Sep 22, 2008 20:49 UTC (Mon) by nix (subscriber, #2304)In reply to: System calls and rootkits by robbe
Parent article: System calls and rootkits
If you're root there are a simply enormous number of ways to compromise
the kernel or DoS the box to its knees. Maybe SELinux will eventually be
able to plug them all but it's not there yet.
the kernel or DoS the box to its knees. Maybe SELinux will eventually be
able to plug them all but it's not there yet.
(I saw one product for Solaris many years ago whose salesman claimed that
it protected the box from denials of service under 'all conditions',
specifically including conditions requiring physical access. I disproved
this bizarreclaim in the obvious way: pulling the plug.)