tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kernel module loading vs securelevel



> > I'm just asking if "options INSECURE is mandaory to use autoloading,"
> > not module/autoloading is secure/silly/boo or not.
> 
> No.  As far as I can tell, there's a bug in the relevant kauth listener,
> at least in terms of the original intent of the author of the autoloading
> code; the system scope kauth listener should return DEFER, not DENY.

Okay, fair enough. Thanks.

> However, I think it's a troublesome question whether this is really
> the right policy to apply.
 :

Well, it's another discussion how modules can be secure,
which is out of my scope.

---
Izumi Tsutsui


Home | Main Index | Thread Index | Old Index