On Fri, Sep 14, 2001 at 06:16:41PM +0200, Pål Halvorsen wrote:
> Is there any mechanisms that verify that the code in "loadable kernel
> modules" is safe and does not perform operations compromising system
> integrity?

Yes. reading the LKM source code thouroughly. Then reading it again. Then
imagine how you would go about to abuse it, and ponder if this would work.

Then get a couple of real crackerwizards (not 3l33t h@x0rz) to try the same.
If still nothing suspicious turns up, you're safe for a while to use that
LKM.

Sorry, there is no better answer. We have a monolithic kernel; whatever is 
inside it, is basically omnipotent and omnicient. That is the reason we can
(with normal security settings) only load LKMs from single user mode.

Regards,
	-is