Thread
:
[BETA] prepatch a system-wide patching system (alternative to patchmanager)
View Single Post
Amboss
2018-03-12 , 21:11
Posts: 237 | Thanked: 502 times | Joined on May 2010 @ Mittelfranken, Germany
#
12
Originally Posted by
tortoisedoc
Hello? Security? Am I the only one worried here?
I think I know where you're heading.
Patchmanager modifies files which I can check afterwards to be in place and doing what its was meant for. Checking
can
happen even in an environment like recovery shell.
Prepatch is injected in file system calls. You say yourself "be sure turn of this patch or that" to actually copy the correct file. So if you want to be sure, a patch does not contain malicious parts, you have to check that either before installing or
has to
happen in recovery shell were the prepatch is not loaded. Otherwise you can't be sure while prepatch is active. Because if someone wants to add malicious code, he just needs to also cover any file requests regarding his files with something innocent using the same architecture.
Quote & Reply
|
The Following 10 Users Say Thank You to Amboss For This Useful Post:
eekkelund
,
Fellfrosch
,
jakibaki
,
juiceme
,
lal
,
MartinK
,
olf
,
peterleinchen
,
taixzo
,
Zeta
Amboss
View Public Profile
Send a private message to Amboss
Find all posts by Amboss