[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Emergency Unmount...

To: sponge@laser.dsi.unimi.it
Subject: Re: Emergency Unmount...
From: Erik Mouw <J.A.K.Mouw@ITS.TUDelft.NL>
Date: Wed, 4 Apr 2001 18:14:31 +0200
Cc: Kernel Newbies Mailing List <kernelnewbies@nl.linux.org>
In-Reply-To: <20010404175511.A400@zion.laser.dsi.unimi.it>; from sponge@tiscalinet.it on Wed, Apr 04, 2001 at 05:55:11PM +0200
Organization: Eric Conspiracy Secret Labs
References: <20010404115501.A22268@zion.laser.dsi.unimi.it> <20010404133038.B7160@arthur.ubicom.tudelft.nl> <20010404143026.B22326@zion.laser.dsi.unimi.it> <20010404150505.B18749@arthur.ubicom.tudelft.nl> <20010404175511.A400@zion.laser.dsi.unimi.it>
Sender: owner-kernelnewbies@nl.linux.org
User-Agent: Mutt/1.2.5i

On Wed, Apr 04, 2001 at 05:55:11PM +0200, Perego Paolo wrote:
> On Wed, Apr 04, 2001 at 03:05:05PM +0200, Erik Mouw wrote:
> > > I can't figure out what do you means talking about obscurity :)
> > 
> > Obscure (and/or undocumented) ways to protect a system are not going to
> In documentation I will exlain that you need to enter the password twice in
> the char dev. The point is that just the legal root, knows which is the
> password to use. The password is however stored hashed using MD5.

An MD5 hash is not going to help you. Just hash any password you like,
write it into the kernel memory and you're set.

> I agree that, a skilled cracker could bypass my work playing along /dev/kmem.

So what's the point of having this feature anyway? :)

> Who needs writing ( except kernel of course ) in /dev/kmem?

insmod/modprobe/lsmod.

> > I think you can do it very simple by using the exported function
> > handle_sysrq():
> Maybe I'm wrong, but I'm newbie in kernel hacking.
> I've included linux/sysrq.h. I've compiled the module correctly but, during
> insmod, sysrq_enabled and handle_sysrq are signaled as unresolved symbol...
> 
> zion:~/tesi# insmod angel.o password=paolo
> angel.o: unresolved symbol sysrq_enabled
> angel.o: unresolved symbol handle_sysrq
> zion:~/tesi#
> 
> They appear in System.map:
> c01744f0 T handle_sysrq
> c022c878 D sysrq_enabled
> 
> But don't in /proc/ksyms:
> zion:~/tesi# grep sysrq /proc/ksyms
> c028c624 sysrq_power_off_R0c257849
> zion:~/tesi#

Sorry, SIGDINNER, no time left to find out :)


Erik

-- 
J.A.K. (Erik) Mouw, Information and Communication Theory Group, Department
of Electrical Engineering, Faculty of Information Technology and Systems,
Delft University of Technology, PO BOX 5031,  2600 GA Delft, The Netherlands
Phone: +31-15-2783635  Fax: +31-15-2781843  Email: J.A.K.Mouw@its.tudelft.nl
WWW: http://www-ict.its.tudelft.nl/~erik/
-
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/
IRC Channel:   irc.openprojects.net / #kernelnewbies
Web Page:      http://www.kernelnewbies.org/

Follow-Ups:
- Re: Emergency Unmount...
  - From: Perego Paolo <sponge@tiscalinet.it>

References:
- Emergency Unmount...
  - From: Perego Paolo <sponge@tiscalinet.it>
- Re: Emergency Unmount...
  - From: Erik Mouw <J.A.K.Mouw@ITS.TUDelft.NL>
- Re: Emergency Unmount...
  - From: Perego Paolo <sponge@tiscalinet.it>
- Re: Emergency Unmount...
  - From: Erik Mouw <J.A.K.Mouw@ITS.TUDelft.NL>
- Re: Emergency Unmount...
  - From: Perego Paolo <sponge@tiscalinet.it>
- Re: Emergency Unmount...
  - From: Perego Paolo <sponge@tiscalinet.it>

Prev by Date: Re: accesed bit on ptes
Next by Date: Re: Emergency Unmount...
Prev by thread: Re: Emergency Unmount...
Next by thread: Re: Emergency Unmount...
Index(es):
- Date
- Thread