Subject: Re: upgrading ipfilter (was: patch for limiting MSS)
To: NetBSD Networking Technical Discussion List <email@example.com>
From: Michael Richardson <firstname.lastname@example.org>
Date: 12/07/2001 23:33:46

>>>>> "David" == David Laight <David.Laight@btinternet.com> writes:
David> Seems to me a lot of the hardware device drivers could be loadable,
David> and much of the network stack. Makes developing / testing new drivers
David> easier - and enforces binary compatibility on you, not a bad

I guess that explains why non-technical Linux users are so successful at
upgrading their kernels. (:-| for the sarcasm impaired)
Loadable modules are a nightmare of version control and security.

David> The loadable driver is no more likely to be compromised than the file
David> containing the filter rules....

We have multiple ways of protecting against things based upon securitylevels.
But, if you insist on loading modules after leaving single user mode, then
all bets are off. If you are happy to load all of the modules during boot
time, then you still have to reboot to change hardware. (or at least, "kill 1")

>> but that doesn't really solve the problem. You have to
>> update the ipfilter user tools and ipfilter kernel code in sync,
>> regardless of how the latter is loaded/linked into the kernel you run.

David> Not if the interface to the updated filter code is binary compatible
David> with the old version. Maybe the 'new' userspace programs know how to
David> load the 'new' or 'old' drivers, possibly with different rules....

This is a nice goal, period. It has nothing to do with modules though.

] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] email@example.com http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [