[Info-vax] Malware in kernel mode, was: Re: Android development Was Re: OT: Larry Ellison takes retirement as CEO of Oracle
VAXman- at SendSpamHere.ORG
VAXman- at SendSpamHere.ORG
Fri Sep 26 07:00:39 EDT 2014
In article <7f2740f3-f749-4b52-9da2-22f8ad416f62 at googlegroups.com>, John Reagan <xyzzy1959 at gmail.com> writes:
>On Thursday, September 25, 2014 4:15:53 PM UTC-4, Simon Clubley wrote:
>
>> BTW, even if the OS hadn't mapped in the full hardware address space,
>> it would be trivial for the malware to create it's own page tables
>> (and reload the page table base address register) to gain that access
>> for itself.
>>
>
>Now you are talking malware that is VMS-specific, not general-purpose x86 malware (which isn't very common).
>
>What privs does Apache normally have on VMS? (I've never looked)
26-SEP-2014 06:59:42.19 User: APACHE$WWW Process ID: 3AA0043D
Node: xxxxxx Process name: "APACHE$SWS"
Authorized privileges:
NETMBX TMPMBX
Process privileges:
NETMBX may create network device
TMPMBX may create temporary mailbox
Process rights:
APACHE$WWW resource
APACHE$APR_ALL
APACHE$READ
APACHE$EXECUTE
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
I speak to machines with the voice of humanity.
More information about the Info-vax
mailing list