Patch from Openwall

[Rafał Rajs <rafal () safenet pl>]

Hi.

I have a question concerning Solar Designer's patch for Linux Kernel.

quotation ...
--------------------------------------------------------------------
Restricted /proc.

[..........]

This option restricts the permissions on /proc so that non-root users can
see their own processes only, and nothing about active network connections,
unless they're in a special group.  This group's id is specified via the
gid= mount option, and is 0 by default.  (Note: if you're using identd, you
will need to edit the inetd.conf line to run identd as this special group.)
Also, this disables dmesg(8) for the users.  You might want to use this
on an ISP shell server where privacy is an issue.  Note that these extra
restrictions can be trivially bypassed with physical access (without having
_______________________________________________________
to reboot).
________(!!!)

[........]
--------------------------------------------------------------------------

Could you tell me how it is possible? Is it really so trivial? I only find
one way to bypass it ... but it requires CONFIG_MAGIC_SYSRQ option compile
into kernel...
Do you know other ways???

thanks
Rafal