From owner-freebsd-chat Mon Jul 10 0:23:58 2000 Delivered-To: freebsd-chat@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id B462A37BC7F for ; Mon, 10 Jul 2000 00:23:56 -0700 (PDT) (envelope-from bright@fw.wintelcom.net) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e6A7Nfh20141; Mon, 10 Jul 2000 00:23:41 -0700 (PDT) Date: Mon, 10 Jul 2000 00:23:41 -0700 From: Alfred Perlstein To: Dag-Erling Smorgrav Cc: Marius Bendiksen , Adam , chat@FreeBSD.ORG Subject: Re: making the snoop device loadable. Message-ID: <20000710002341.E25571@fw.wintelcom.net> References: <20000709165702.V25571@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: ; from des@flood.ping.uio.no on Mon, Jul 10, 2000 at 09:08:43AM +0200 Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * Dag-Erling Smorgrav [000710 00:08] wrote: > [moving from -arch to -chat] > > Alfred Perlstein writes: > > * Marius Bendiksen [000709 16:54] wrote: > > > Thing is; disabling kernel modules will avail you little, as an > > > illegitimate user can still use the memory devices to access physical > > > memory, and thus binary patch a live kernel. This is hard, but it can, and > > > has been done. Eivind mentioned one particular case with a person who > > > binary-patched the kernel of an old Unix to bypass the 14 character file > > > name length limitation without severing the uptime. > > I owe that person a beer. > > He's a committer (tegge@freebsd.org). The OS in question, IIRC, was > DolphinOS on an ND UniLine 8820 (colloquially known as Flipper). Ah that makes sense, Tor Egge is truly fearsome. :) -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message