tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: How to make module autoloading play nice with securelevel



There is discussion about how to deal with securing access to module
contents via kobj_load_vfs(), which I won't repeat.

Let me ask two highlevel questions:
    1) what class of systems care to enable securelevel, yet still
       need to load some random set of modules after boot?
       Are they x86 desktops or multi-gigabit servers in the cloud?
       (virtual or not)
       Or are they embedded ARM/MIPS devices living inside light bulbs?

    2) aside from system memory, is there anything lost if the module
       is loaded before securelevel>0? 

What I am getting at, is if the set of modules can not change after 
securelevel>0,
and the system has lots of ram, then what exactly is lost by loading
them *ALL* into memory at that point? (other than ram)

Alternatively, what if the system calculated an cryptographic hash over
the module file contents at that point?

These things seem much simpler than trying to find a way to lock down a
particular set of paths --- it's not the file names we care about, it's
the contents.

-- 
]       He who is tired of Weird Al is tired of life!           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr%sandelman.ottawa.on.ca@localhost http://www.sandelman.ottawa.on.ca/ 
|device driver[
   Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE>
                       then sign the petition. 


Home | Main Index | Thread Index | Old Index