[lug] Linux sysctl() Kernel Memory Reading Vulnerability

D. Stimits stimits at idcomm.com
Sat Feb 17 14:04:27 MST 2001


John Karns wrote:
> 
> On Fri, 16 Feb 2001, D. Stimits said:
> 
> > Within that, you will have subdirectories, and modules can exist in most
> > any of them. The modules have a ".o" suffix. I don't know which
> > directory is best for this module, and it depends on if you use 2.2.x or
> > 2.4.x as to the subdirectories available, but I would guess it goes in
> > either an i386/kernel/ (2.4.x) or misc/ (2.2.x) directory. Then try
> > either "depmod -a", or "insmod themodulename.o" (or modprobe), while
> > monitoring /var/log/messages (e.g., "tail -f -n 30 /var/log/messages"
> > will continuously monitor and display the log as it runs). If you don't
> > like the module, delete it or move it, no harm done. So in addition to
> > what you mentioned to activate it, you simply need to be sure it is
> > where it can be found first, in the right modules subdirectory.
> 
> Don't you also have add a record / line to /etc/modules.conf (or is it
> conf.modules...) in reference to the module before running depmod?
> 
> ----------------------------------------------------------------------
> John Karns                                              jkarns at csd.net
> 

Only needed if the module requires parameters to be passed to it. E.G.,
joystick modules might need base address, or ethernet cards might need a
parameter. I didn't see anywhere that these particular modules used
special parameters, but I didn't look that closely for it either...they
could require it, but I don't think they do in this case.

D. Stimits, stimits at idcomm.com



More information about the LUG mailing list