Exploiting the Linux kernel
Before we explore exploiting the Linux kernel, we need to know what it is and why it is important. Operating systems, Windows included, typically operate in two modes. The first is user mode, sometimes referred to as user land or ring 3. This is where applications, user accounts, and files everyone is familiar with exist. The second mode is kernel mode, also known as ring 0. Code that executes here typically has elevated privileges with full access to the software and hardware on the system. The reason is much of the code facilitates general operations of the system such as memory management, disk access, execution threads, and so on. In other words, the kernel, just like in Windows, is the main control for everything in the operating system.
So, why is it so important, and how is it exploited? It controls how the system operates and enforces the security model, including things such as directory permissions. However, what makes it different is the fact...
