tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kernel module loading vs securelevel



On Sat, Oct 16, 2010 at 11:23:29AM +0900, Izumi Tsutsui wrote:
 > > It would seem to be intentional.  After all, kernel modules can
 > > do all sorts of nasty things if they want to.
 > 
 > In that case, module autoload/autounload is not functional at all and
 > we have to specify all possible necessary modules explicitly
 > during boot time??

Yes. Otherwise it's quite easy to defeat securelevel by causing the
loading of a module that resets it to -1.

-- 
David A. Holland
dholland%netbsd.org@localhost


Home | Main Index | Thread Index | Old Index