[Freebsd-security] Re: FreeBSD Security Advisory FreeBSD-SA-04:04.tcp

G.P. de Boer g.p.de.boer at st.hanze.nl
Wed Mar 3 07:03:15 PST 2004


On Wed, 2004-03-03 at 11:10, Patrick Proniewski wrote:
> > But as it is said, that you need to patch or cvsup the kernel source,
> > rebuild kernel, and reboot.
> > Is there any way to do such thing without rebooting?
> You might be able to unload a module and load a patched module, but 
> when it comes to the kernel, you have no other choice than to reboot.
> 
> By the way, the process is really fast and painless. I've cvsuped my 
> sources and made buildkernel / installkernel last night on my internet 
> gateway, and finally rebooted. The reboot was so fast that my computer 
> behind this gateway didn't even lose its IRC session.

You -can- patch a run-time kernel by loading a KLD which, with a bit of
magic voodoo, replaces whatever function you want with your own. That
said, the TCP reassembly patch is quite complex compared to other
bugfixes and may well not be as easy to patch this way. If there are new
structures being used, things get quite nasty fast.

I agree with Patrick that a reboot is the safest and
really-not-that-sucky way to resolve this.

-- 
G.P. de Boer



