tech-kern archive


Re: modload_03.diff, was: Don't load kernel modules from the current directory



On Nov 20,  8:34pm, Iain Hibbert wrote:
} On Fri, 5 Aug 2011, Marc Balmer wrote:
} 
} > This is the third iteration of the patch to make kernel module loading
} > more secure.  The only change to the previous patch is that the code,
} > when loading a module from /stand/... now checks that the module name
} > does not contain a path separator character.
} >
} > modload <name> still works, but <name> must be available in the system
} > module area under /stand/...
} >
} > To load from any other location, either an absolute path or a relative
} > path starting with a '.' is needed.
} 
} strchr() is available in kernel I think

     I was wondering about this...

} also, is this complication of '.' really needed?  What I mean is, if you
} are checking for the path separator, why limit to current directory?
} 
}       if (strchr(name, '/') == NULL)
}               path = <module_base>/<name>/<name>.kmod
}       else
}               path = <name>

     I think I like this better for the first part.  Then the second
part is just for autoload and it can be left alone (or turned into an
else clause) since autoload can only be done from inside the kernel.

} which is the same semantics used by many other 'automatic file path'
} operations, requiring explicit current-dir to avoid accidents..
} 
} (as noted, you didn't exclude ./sub/dir/module anyway)
} 
}-- End of excerpt from Iain Hibbert
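
The resolution rule proposed in the thread, as an added example that is not code from the thread or from NetBSD: a name without `/` is only ever looked up under the module area, and anything containing `/` is treated as an explicit path. `resolve_module_path`, the `/modbase` directory and the sample names are hypothetical; rejecting bare `.` and `..` and failing on truncation are extra checks the thread does not discuss.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not NetBSD code): map a modload argument to a path.
 * module_base must be non-NULL. Returns 0 on success, -1 if the name is
 * empty, is a bare "." or "..", or the result does not fit in out. */
int
resolve_module_path(const char *module_base, const char *name,
    char *out, size_t outlen)
{
	int n;

	if (name == NULL || name[0] == '\0')
		return -1;
	if (strchr(name, '/') == NULL) {
		/* Extra check (assumption): ".." would step out of module_base. */
		if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
			return -1;
		/* Bare name: never resolved against the current directory. */
		n = snprintf(out, outlen, "%s/%s/%s.kmod", module_base, name, name);
	} else {
		/* Has a separator: the caller named the location explicitly. */
		n = snprintf(out, outlen, "%s", name);
	}
	/* Treat truncation as failure rather than loading a clipped path. */
	if (n < 0 || (size_t)n >= outlen)
		return -1;
	return 0;
}

int
main(void)
{
	/* Constructed inputs; "/modbase" stands in for the system module area. */
	const char *names[] = { "foo", "./foo.kmod", "./sub/dir/foo.kmod",
	    "/abs/foo.kmod", "..", "" };
	char path[64];
	size_t i;

	for (i = 0; i < sizeof(names) / sizeof(names[0]); i++) {
		if (resolve_module_path("/modbase", names[i], path, sizeof(path)) == 0)
			printf("%-20s -> %s\n", names[i], path);
		else
			printf("%-20s -> rejected\n", names[i]);
	}
	return 0;
}
```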

