Subject: Re: new lkm stuff ?
To: Mike Long <email@example.com>
From: Peter Svensson <firstname.lastname@example.org>
Date: 08/29/1996 11:16:30
> The idea of securelevel is that not even root is trustworthy. So
> letting anyone, even root, load LKMs while securelevel is > 0
> compromises security.
LKMs can be loaded safely, provided they are "approved" at boot-time (residing
in a special directory?) and protected by suitable immutable-flags thereafter.
What you have then is no worse than the kernel itself. Loading arbitary,
unknown LKMs when securelevel>0 is of course a no-no.