Subject: Re: new lkm stuff ?
To: Mike Long <mike.long@analog.com>
From: Peter Svensson <petersv@df.lth.se>
List: current-users
Date: 08/29/1996 11:16:30
> The idea of securelevel is that not even root is trustworthy.  So
> letting anyone, even root, load LKMs while securelevel is > 0
> compromises security.

LKMs can be loaded safely, provided they are "approved" at boot-time (residing 
in a special directory?) and protected by suitable immutable-flags thereafter. 
What you have then is no worse than the kernel itself. Loading arbitary, 
unknown LKMs when securelevel>0 is of course a no-no.

Peter