Subject: Re: verified executable kernel modification committed
To: Matthias Drochner <>
From: Brett Lymn <>
List: tech-security
Date: 10/31/2002 23:33:12
On Thu, Oct 31, 2002 at 12:36:34PM +0100, Matthias Drochner wrote:
> Excuse me is I'm missing something, but shouldn't
> the permission bits and owner be part of the fingerprint
> (or saved in the per-inode structure at VERIEXECLOAD time)?

Yes and yes.  Will fix that.

> Setting the suid bit can turn a harmless program into
> a backdoor...

Totally agree.

Brett Lymn