tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kernel module loading vs securelevel

On Feb 1,  1:25am, Paul Goyette wrote:
} On Sat, 16 Oct 2010, David Holland wrote:
} > > And also make the "blessed" directory itself immutable?  :)
} >
} > As I recall the semantics of immutable are such that this isn't
} > necessary to protect modules that are present at boot time (that is,
} > they can't be unlinked/renamed/etc.), and if there are autoloadable
} > modules whose names aren't present at boot time, they'll fail the
} > check.
} I've already misread the code here once, but...
} As far as I can tell, each time a module_autoload call is made, if the 
} module is neither built-in nor passed in by the boot loader, the code 
} will attempt to load it via a call to kobj_load_vfs() which has path as 
} an argument.  It doesn't appear to me that there is any pre-approved 
} list of acceptable objects that can be loaded from the file system.

     No, there isn't.  If the module is in the appropriate directory,
it can be loaded.

}-- End of excerpt from Paul Goyette

Home | Main Index | Thread Index | Old Index