Subject: Re: LKM
To: Lennart Augustsson <lennart@augustsson.net>
From: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
List: tech-security
Date: 09/14/2001 20:03:59
[trimmed list of lists this goes to]
On Fri, 14 Sep 2001, Lennart Augustsson wrote:
> > Is there any mechanisms that verify that the code in "loadable kernel
> > modules" is safe and does not perform operations compromising system
> > integrity?
>
> Yes, but none of these are available in NetBSD (or any other wide spread
> OS, AFAIK). One such technique is called proof carrying code. Each piece
> of code loaded into the kernel is accompanied by a (formal) proof that it
> does no damage. Before loading the code the proof+code is run through
> a proof checker.
Isn't that similar to the "driver signing" WinXP does?
On a related note, IIRC there's some work going on about allowing only
signed binaries to run. Maybe that could be extended to LKMs somehow.
- Hubert
--
Want to get a clue on IPv6 but don't know where to start? Try this:
* Basics -> http://www.onlamp.com/pub/a/onlamp/2001/05/24/ipv6_tutorial.html
* Setup -> http://www.onlamp.com/pub/a/onlamp/2001/06/01/ipv6_tutorial.html
Of course with your #1 IPv6 ready operating system -> http://www.NetBSD.org/