[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kernel module loading vs securelevel
On Feb 1, 1:25am, Paul Goyette wrote:
} On Sat, 16 Oct 2010, David Holland wrote:
} > > And also make the "blessed" directory itself immutable? :)
} > As I recall the semantics of immutable are such that this isn't
} > necessary to protect modules that are present at boot time (that is,
} > they can't be unlinked/renamed/etc.), and if there are autoloadable
} > modules whose names aren't present at boot time, they'll fail the
} > check.
} I've already misread the code here once, but...
} As far as I can tell, each time a module_autoload call is made, if the
} module is neither built-in nor passed in by the boot loader, the code
} will attempt to load it via a call to kobj_load_vfs() which has path as
} an argument. It doesn't appear to me that there is any pre-approved
} list of acceptable objects that can be loaded from the file system.
No, there isn't. If the module is in the appropriate directory,
it can be loaded.
}-- End of excerpt from Paul Goyette
Main Index |
Thread Index |