Killswitch: Per-function short-circuit mitigation primitive

3 comments

• tosti 26 minutes ago
  Better tooling for kpatch would be nice tho

  IIRC canonical makes patches for official ubuntu kernels but acts like a Chinese restaurant (closed kitchen, orders come in through a small hatch behind the counter)
• PeterWhittaker 2 hours ago
  Clever! I know some will say it's like closing the barn door after the horse left, but having this in place to mitigate future vulnerabilities will be handy.
  [-]
  • cyanydeez 1 hour ago
    ok, but what kind of nefarious use case will it enable if it is accessible to malfeasance.
    [-]
    • ObscureScience 1 hour ago
      I guess it could disable the killswitch
• frumiousirc 1 hour ago
  If I'm a malicious actor that gets root, can I killswitch the killswitch?
  [-]
  • cowthulhu 12 minutes ago
    Once you’ve got root, you don’t need to exploit compromised code to do whatever you want.
  • htmlenjoyye 1 hour ago
    you're on the other side of the secure door already

    killswitch is to prevent you from gaining root