Bugtraq mailing list archives
Re: FreeBSD VM gremlin
From: imp () VILLAGE ORG (Warner Losh)
Date: Fri, 18 Sep 1998 13:29:29 -0600
In message <199809181149.HAA21721 () lunacity ne mediaone net> "Charles M. Hannum" writes: : : > You should have md5 checksums of files that you are concerned about, : > as timestamps are useless in the face of a good attacker. : : Rubbish! A checksum doesn't tell me that someone hadn't temporarily : replaced the file and has now put the original back. Ummm, you still can't tell that for a competant attacker. A good attacker can set the system time, frob the file, set it back let time pass and then do the same thing to get the original back. You'd never know. It is a bug in the FreeBSD VM system where a page gets marked as dirty, but the underlying pages are hardware protected against write, so the same contents are written out. Warner
Current thread:
- Re: FreeBSD VM gremlin Charles M. Hannum (Sep 18)
- Re: FreeBSD VM gremlin Warner Losh (Sep 18)
- Re: FreeBSD VM gremlin Harhalakis Stefanos (Sep 19)
- RedHat's RealServer. Jason Aras (Sep 18)
- <Possible follow-ups>
- Re: FreeBSD VM gremlin der Mouse (Sep 19)
- Re: FreeBSD VM gremlin James McParlane (Sep 20)
- Re: FreeBSD VM gremlin Warner Losh (Sep 18)