Subject: Re: LKM
To: =?iso-8859-1?Q?P=E5l_Halvorsen?= <firstname.lastname@example.org>
From: Ignatios Souvatzis <email@example.com>
Date: 09/14/2001 21:52:49
On Fri, Sep 14, 2001 at 06:16:41PM +0200, Pål Halvorsen wrote:
> Is there any mechanisms that verify that the code in "loadable kernel
> modules" is safe and does not perform operations compromising system
Yes. reading the LKM source code thouroughly. Then reading it again. Then
imagine how you would go about to abuse it, and ponder if this would work.
Then get a couple of real crackerwizards (not 3l33t h@x0rz) to try the same.
If still nothing suspicious turns up, you're safe for a while to use that
Sorry, there is no better answer. We have a monolithic kernel; whatever is
inside it, is basically omnipotent and omnicient. That is the reason we can
(with normal security settings) only load LKMs from single user mode.