Bugtraq mailing list archives
Re: Inherited & RO Filesystems
From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Mon, 24 Jun 1996 08:01:54 -0400
As an aside, an intruder could use an inherited filesystem (if supported by the OS) to get around not being able to install backdoors and trojans on RO media.
You don't need that; all you need is to drop the stuff somewhere local and then NFS-mount localhost:/some/where/writable on /where/you/want. But of course neither one will stay in place upon reboot, and as an admin, I'd much prefer a system that needed just a reboot to clean it of intruder damage than one that had to be reinstalled off backups. With BSD, you have the additional benefit that the mount list is kept in the kernel, so to hide your mount you have to trojan mount as well as whatever else - one more thing for the attacker to get wrong.... der Mouse mouse () collatz mcrcim mcgill edu
Current thread:
- Re: Inherited & RO Filesystems Brett Lymn (Jun 23)
- <Possible follow-ups>
- Re: Inherited & RO Filesystems der Mouse (Jun 24)
- Re: Inherited & RO Filesystems Brett Lymn (Jun 24)