exploiting kernel

[Daniel Rudy]

At about the time of 12/1/2005 12:05 AM, iwan at staff.usd.ac.id stated the
following:
> Hi,
> Can kernel's freeBSD exploited by tools hacking ? If true,
> can I know how to fix this problem, and what tools can do
> that.
> 
> Thanks alot
> 
> 
> 
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
> 

Absolutely.

There is no such thing as bug proof software.  All software has bugs or
flaws in them.  Generally, when a security related bug is discovered,
the programmers fix the problem, then make a patch available by any one
of several means.  Then a security advisory is issued.

As for the bug, it depends on the nature of the bug to determine how to
exploit it.  Unchecked buffers are suseptible to buffer overflow
attacks, etc.  It all depends on the nature of the code and any details
that the programmer overlooked.  Even well written software, when
subjected to different types of abuse, will fail in unexpected and
spetacular ways.

Unfortunately, you cannot secure against future unknown security
problems in software.  The best that you can do it mitigate the risks of
compromise as much as possible by using ACLs, chflags, securelevel,
jails, and other security related features of the operating system.  The
other participents on this list have provided you with a number of
resources to secure your system.  I strongly suggest that you use them.

Later.
-- 
Daniel Rudy