executing insmod hangs the entire os
Valdis.Kletnieks at vt.edu
Tue Feb 17 13:29:48 EST 2015
On Tue, 17 Feb 2015 21:46:00 +0530, noyb noybee said:
> am on a VM running CentOS 6.6 with kernel version 2.6.32-504.
Which probably has kernel relocation and ASLR enabled.
> unsigned long *syscall_table = (unsigned long *)0xffffffff81600560;
So that isn't pointing at the syscall table in the running kernel.
> syscall_table[__NR_chroot] = new_chroot;
So you just trashed an essentially random location in memory.
You explained in a private email what you were trying to do here - and
I'll point out that it essentially changes the kernel API in unexpected
and undocumented ways. It even introduces some security holes and bugs (hint -
if you close all file descriptors, what happens to programs that were expecting
stdin/stdout/stderr to be open? In particular, programs that open, say,
/dev/log so they have syslog output, and then chroot. Or programs that
open a socket, then chroot and drop permissions (like openssh's sshd for
privilege separation).)
You're really not doing yourself a favor with this whack-a-mole approach
to security. You *really* need to sit down and think about what problem
you're trying to solve here.
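
The descriptor-reuse hazard hinted at in the message above, as an added example that is not part of the original post: a child process loses descriptors 0-2 (a stand-in for the hooked chroot, whose code is not shown on this page), and the next files it opens silently take those numbers. The function name, status message and file path are constructed for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed status line the child believes it is printing to a terminal. */
static const char STDOUT_MSG[] = "status: ready\n";

/*
 * Fork a child that loses fds 0-2 (assumed behaviour of the hooked chroot),
 * then opens files as an ordinary program would. Returns the descriptor
 * number the child received for `path` (-1 on error); `out` receives
 * whatever ended up in that file.
 */
int closed_stdio_demo(const char *path, char *out, size_t outlen)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        for (int fd = 0; fd <= 2; fd++) close(fd);
        /* open() always hands back the lowest free descriptor number. */
        int in = open("/dev/null", O_RDONLY);                       /* fd 0 */
        int data = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);  /* fd 1 */
        if (in < 0 || data < 0) _exit(100);
        /* A routine write to "stdout" now lands in the data file. */
        if (write(STDOUT_FILENO, STDOUT_MSG, strlen(STDOUT_MSG)) < 0) _exit(101);
        _exit(data);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    if (WEXITSTATUS(status) >= 100) return -1;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, out, outlen - 1);
    close(fd);
    if (n < 0) return -1;
    out[n] = '\0';
    return WEXITSTATUS(status);
}

int main(void)
{
    char buf[64];
    int fd = closed_stdio_demo("/tmp/closed_stdio_demo.txt", buf, sizeof(buf));
    if (fd < 0) return 1;
    printf("data file was given fd %d and now contains: %s", fd, buf);
    return 0;
}
```

The data file is assigned descriptor 1, so output meant for the terminal ends up inside it; daemons that expect 0-2 to stay open guard against this by pointing them at /dev/null instead of closing them.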