[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kernel module loading vs securelevel
On Sat, Oct 16, 2010 at 08:28:42PM +0000, Andrew Doran wrote:
> I may be missing your point but there are other ways of sabotaging
> the securelvel mechanism without kernel modules available. It doesn't
> seem like a new problem to me. A more obvious way to be mischievous
> for sure but not new.
Generally speaking, the other ways require a reboot. So this is worse
in what seems to me a relevant way.
I'm starting to think the simplest thing -- though it is not so simple! --
that lets people building systems where securelevel actually is used to
protect a TCB continue to do so, yet use kernel modules, is to record
which modules may be autoloaded at boot time, whether by content hash or
dev/ino (with the immutable requirement to ensure reuse does not screw
us up). The latter seems like it _should_ be simpler but I bet in practice
the former really is.
Main Index |
Thread Index |