Subject: Re: LKMs (was Re: IPSEC in GENERIC)
To: Steven M. Bellovin <smb@cs.columbia.edu>
From: Garrett D'Amore <garrett_damore@tadpole.com>
List: tech-kern
Date: 02/20/2006 10:32:10
Steven M. Bellovin wrote:
> In message <200602201726.MAA19825@Sparkle.Rodents.Montreal.QC.CA>, der Mouse writes:
>
>>>> I'm with you. I've been hacking kernels (or the equivalent) since
>>>> 1967. I'd much rather have LKMs. If I were king, I'd decree that
>>>> *all* device drivers must be loadable, and *all* device drivers
>>>> should be dynamically loaded except for those that are necessary to
>>>> boot the system and read in new device drivers.
>>>>
>> If I were trying to build hardened systems, I'd be really glad you're
>> not king. One of the first things I do when building a
>> security-critical system is remove LKM capability. Securing one file
>> (which may not even be a normal file) on boot media is a significantly
>> easier task than securing a few dozen files in the running system's
>> filesystem.
>>
>>
> You're right that it needs to be possible to build static kernels. I'd
> love a framework where the identical .o could be used either way.
>
>
> --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
>
>
Yes, please.
--
Garrett D'Amore, Principal Software Engineer
Tadpole Computer / Computing Technologies Division,
General Dynamics C4 Systems
http://www.tadpolecomputer.com/
Phone: 951 325-2134 Fax: 951 325-2191