/dev/mem exploit on Ubuntu

Kristian Hermansen kristian.hermansen at gmail.com
Wed Aug 1 17:32:28 UTC 2007

On 8/1/07, Ben Collins <ben.collins at ubuntu.com> wrote:
> Doesn't really look like an exploit to me. This binary requires that you
> already have root on the system. It's basically a rootkit (unless I'm
> missing something, but I'm not about to execute this program).

Yes, it is a rootkit.  I should have titled my subject properly.

> Once someone has root, your system is a done deal for the most part.

Do you really have to have full root, or just enough access privileges
in the kernel to modify the memory segments it is using?  The topic
came up because someone asked here about segmentation protection in
the kernel.  I am no Linux kernel guru by any means.  But I thought
maybe someone would find it interesting.  Of course, just poking
memory is not allowed for normal users :-)
Kristian Hermansen

More information about the ubuntu-server mailing list