Re: kernel module loading vs securelevel

To: paul%whooppee.com@localhost, David Holland <dholland-tech%NetBSD.org@localhost>
Subject: Re: kernel module loading vs securelevel
From: jnemeth%victoria.tc.ca@localhost (John Nemeth)
Date: Sat, 16 Oct 2010 13:53:01 -0700

On Feb 1,  1:25am, Paul Goyette wrote:
} On Sat, 16 Oct 2010, David Holland wrote:
} 
} > > And also make the "blessed" directory itself immutable?  :)
} >
} > As I recall the semantics of immutable are such that this isn't
} > necessary to protect modules that are present at boot time (that is,
} > they can't be unlinked/renamed/etc.), and if there are autoloadable
} > modules whose names aren't present at boot time, they'll fail the
} > check.
} 
} I've already misread the code here once, but...
} 
} As far as I can tell, each time a module_autoload call is made, if the 
} module is neither built-in nor passed in by the boot loader, the code 
} will attempt to load it via a call to kobj_load_vfs() which has path as 
} an argument.  It doesn't appear to me that there is any pre-approved 
} list of acceptable objects that can be loaded from the file system.

     No, there isn't.  If the module is in the appropriate directory,
it can be loaded.

}-- End of excerpt from Paul Goyette

References:
- Re: kernel module loading vs securelevel
  - From: Paul Goyette

Prev by Date: Re: kernel module loading vs securelevel
Next by Date: Re: kernel module loading vs securelevel
Previous by Thread: Re: How to make module autoloading play nice with securelevel
Next by Thread: Re: kernel module loading vs securelevel
Indexes:

Home | Main Index | Thread Index | Old Index