tech-security: Re: verified executable kernel modification committed

Subject: Re: verified executable kernel modification committed
To: Brett Lymn <blymn@baesystems.com.au>
From: Matthias Drochner <M.Drochner@fz-juelich.de>
List: tech-security
Date: 10/31/2002 12:36:34

Excuse me is I'm missing something, but shouldn't
the permission bits and owner be part of the fingerprint
(or saved in the per-inode structure at VERIEXECLOAD time)?

Setting the suid bit can turn a harmless program into
a backdoor...

best regards
Matthias