On Sun, Apr 17, 2005 at 07:48:50PM -0400, Xin Zhao wrote: > any kernel level protection, including > SELinux, could be disabled after the kernel is compromised. Am I > missing some points here?
No, Immutable bit is an application of capabilities (or securelevel), you are right. If the kernel is compromised, the kernel is compromised. However immutable bit can make it hard to circumvent kernel's protetion, even for root attackers Gruss Bernd - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
