Found, a new rootkit
Mike McCarty
Mike.McCarty at sbcglobal.net
Mon Apr 10 06:42:49 UTC 2006
Les Mikesell wrote:
> On Fri, 2006-04-07 at 16:03, Mike McCarty wrote:
>
>
>>MSDOS does *not* use interrupt driven I/O on those ports. It uses
>>BIOS calls, specifically INT 14h. For example, from Ralph Brown's
>>interrupt list
>
>
> I don't see how trusting bios equates to secure code.
It doesn't. And I didn't say so. Any system with external
connections only enjoys relative security. I don't "trust"
BIOS. But the BIOS code is there regardless of whether
Linux or MSDOS or whatever OS (or even no OS) sits on top
of it.
>>Precisely. And unless an application invokes MSDOS, it will never
>>do anything to the serial port, nor will the BIOS.
>
>
> You can say the same for the keyboard - and the input devices
> are more or less interchangeable. The application might be
> COPY.
I don't follow the point.
>>If there is more code, there is more exposure. MSDOS has much less
>>code than Linux and the Linux drivers for the serial ports.
>
>
> I think you need to take quality of code into account in a
> statement like that.
Certainly. But no matter how carefully crafted, more code
equates to more exposure.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
More information about the fedora-list
mailing list