Subject: Re: LKM
To: =?iso-8859-1?Q?P=E5l_Halvorsen?= <paalh@unik.no>
From: Ignatios Souvatzis <is@netbsd.org>
List: tech-security
Date: 09/14/2001 21:52:49
On Fri, Sep 14, 2001 at 06:16:41PM +0200, Pål Halvorsen wrote:
> Is there any mechanisms that verify that the code in "loadable kernel
> modules" is safe and does not perform operations compromising system
> integrity?

Yes. reading the LKM source code thouroughly. Then reading it again. Then
imagine how you would go about to abuse it, and ponder if this would work.

Then get a couple of real crackerwizards (not 3l33t h@x0rz) to try the same.
If still nothing suspicious turns up, you're safe for a while to use that
LKM.

Sorry, there is no better answer. We have a monolithic kernel; whatever is 
inside it, is basically omnipotent and omnicient. That is the reason we can
(with normal security settings) only load LKMs from single user mode.

Regards,
	-is