Re: Proposal: Disable autoload of compat_xyz modules

To: matthew green <mrg%eterna.com.au@localhost>, Taylor R Campbell <campbell+netbsd-tech-kern%mumble.net@localhost>
Subject: Re: Proposal: Disable autoload of compat_xyz modules
From: Maxime Villard <max%m00nbsd.net@localhost>
Date: Wed, 2 Aug 2017 10:39:13 +0200

Le 02/08/2017 à 10:19, matthew green a écrit :

compat_linux
compat_linux32
compat_netbsd32


all of these are used regularly by many netbsd users.  please don't
include them in your list of targets.  saying "modload is OK" is
not how we treat the GENERIC kernel -- if it's OK, then it's OK for
GENERIC is how we treat that.

the latter is also essential for our mips64 platforms.


As said earlier, the last one indeed should not be in this list. But the first
two should.

If it's not how we treat the GENERIC kernel, then let's treat it this way from
now on. There is a clear difference between "modload is ok" and "generic is ok";
the former needs root's intervention at some point, the latter is open to
unprivileged users. Closing the door to unprivileged processes by default is
precisely the goal here.

When a vulnerability is found in compat_linux or compat_linux32 - which
regularly is the case -, it won't affect the base system anymore.

References:
- re: Proposal: Disable autoload of compat_xyz modules
  - From: matthew green

Prev by Date: re: Proposal: Disable autoload of compat_xyz modules
Next by Date: Re: Proposal: Disable autoload of compat_xyz modules
Previous by Thread: re: Proposal: Disable autoload of compat_xyz modules
Next by Thread: Re: Proposal: Disable autoload of compat_xyz modules
Indexes:

Home | Main Index | Thread Index | Old Index