Muli Ben-Yehuda's journal

August 8, 2004

august-2.6.8-rc2bk8 patch is up

Filed under: Uncategorized — Muli Ben-Yehuda @ 3:57 PM

August Penguin 2004 happened on Friday morning, and was a blast. My
patch which was used in the hacking competition is available on the kernel page.

This is august-2.6.8-rc2bk8-F1,
a small patch I wrote for the August Penguing 2004
Linux convention hacking
. The contest had several stages. In each stage,
the contestants needed to perform a task. For stage 3, the
task was to change a file named ‘stage3.tmp’. The obstacle in
their way was this patch.

The patch has two parts: the first is a Linux Security
Module named “august.c”, which protects this file from
unwanted access via the LSM hooks. It also has a small
backdoor – it only works if the date is after the beginning
of August 2004. Contestans were expected to find the patch
(we left the sources on the machines), discern the backdoor,
change the date, and win. Version -E1, which was used in the
competition, also had some interesting “side effects” like
zeroing the file whenever it was accessed.

In order to prevent the contestants from booting with a
non-modifed kernel and changing the file there, we put the
file on a loopback mounted minix file system. This minix
file system had a non standard magic number in its
superblock, which means that only a kernel that had a patch
to its minix fs code to recognize our minix magic number
would agree to mount it. This is the second part of the

(prev: -A1,

1 Comment »

  1. whoops. ok i saw this now.

    Comment by ideawerkz — August 8, 2004 @ 7:57 AM | Reply

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

%d bloggers like this: