Re: Don't load kernel modules from the current directory, second diff

[Marc Balmer <mbalmer%NetBSD.org@localhost>]

Am 04.08.11 13:37, schrieb John Nemeth:
> On Dec 25,  7:20am, Marc Balmer wrote:
> } Subject: Re: Don't load kernel modules from the current directory, second 
> } This is a multi-part message in MIME format.
> } --------------030702090605080608070109
> } Content-Type: text/plain; charset=ISO-8859-15
> } Content-Transfer-Encoding: 7bit
> } 
> } Thanks to all that replied to my initial diff.  This second version is
> } better, it allows to load a module from the filesystem with either an
> } absolute path starting with '/' or a relative path starting with '.'.
> } So you can still load a module from the CWD using
> } 
> } modload ./mymodule.kmod
> } 
> } module_load_vfs() is changed in two ways:  When a module is loaded from
> } the path given to modload, it must start with either '.' or '/'.  If a
> } path is constructed to load the module from the system module area, it
> } must not start with '.' or '/'.
> 
>      If you really want to beef up the security of loading from the
> system module area, you should make sure there is no / anywhere in
> name.  Granted, with name being added to path twice, it will be very
> difficult to come up with something that will escape the system module
> area and load some random module (even without your change to that
> part).
> 
> } kobj_load_vfs() will only load an object with a path starting with
> } either '/' or '.'
> } 
> }-- End of excerpt from Marc Balmer

Well, indeed I think the second part of the change to module_load_vfs()
can be ommitted.  Primary goal if my patch is to prevent inadvertently
loading from CWD when actually loading from the system module area was
intended.