On Mon, 14 Jan 2002, Dave Kline wrote: > "OTOH, if somebody obtains root privileges, he can probably plant a > kernel in the swapfile and instruct the boot loader to load it on the > next reboot. AFAIK, most if not all checksumming tools don't deal > properly with such scenarios. " > > Quite a scary scenario. How could one plant a file in swap? How could > you access that file?
If swap is enabled, the kernel knows where it is swapping, so you have the first part of the deal (assuming you will swapoff that swap partition/file). For the bootloader part, it is very platform-dependent, and some ones (such as grub) will be a pain in the ass if you only have swap partitions (as opposed to swap files). It IS possible, but it is much harder than pigging back code on the kernel without module support. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
