If there is malicious code in a kernel module, then discussions of relocations become moot.
Sent from my Android 4.0 device. Please forgive any spelling or grammatical errors. On Apr 4, 2012 11:35 AM, "jb" <jb.1234a...@gmail.com> wrote: > Peter Wemm <peter <at> wemm.org> writes: > > > ... > > There is no way to interfere because it is done outside of user space > > entirely, **after** the file has been copied out of the file system. > > You can do whatever you like to the file, but it has no effect because > > all the relocation is done in a private kernel copy. > > ... > > What if attack code (broadly understood) is part of module code, and is > based > on either or both of: > - hidden (as to meaning and reloc targets) arrangement of relocations > needed > - has an ability of (self) activation during load/link and *relocations* > process > already under the privilege of the kernel ? > > Is that possible at all ? > Would there be any protection against it (except giving up relocations as > an enabling vehicle) ? > > jb > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org" > _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
