Subject: Re: LKM
To: Lennart Augustsson <lennart@augustsson.net>
From: =?iso-8859-1?Q?P=E5l_Halvorsen?= <paalh@unik.no>
List: tech-security
Date: 09/15/2001 12:02:26
On Fri, 14 Sep 2001, Lennart Augustsson wrote:

> P=E5l Halvorsen wrote:
>=20
> > Hi!
> >
> > Is there any mechanisms that verify that the code in "loadable kernel
> > modules" is safe and does not perform operations compromising system
> > integrity?
>=20
> Yes, but none of these are available in NetBSD

So the conclusion is that if a user want to crach the system, he/she might
do so by allowing the module do "illegal" operations on some kernel
structures.

The user must at least be root, or...?

-ph
---       . o  o   .  o  .  o ..  o ..  o .. o oo . o  . o o o
         _n_n_n____i_i _++++++_ _______ ________ _+++++++++++_
      *>(____________I I______I I_____I I______I I___________I
 __^__  /ooOOOO OOOOoo  oo ooo  oo   oo oo    oo ooo       ooo  __^__
( ___ )--------------------------------------------------------( ___ )
 | / | Paal Halvorsen   UniK - Center for technology at Kjeller | \ |
 | / |                                       University of Oslo | \ |
 | / | Phone: +47 64844731                               PB. 70 | \ |
 | / | Phone: +47 64844700 (switchboard)       N - 2027 KJELLER | \ |
 |_/_| Fax:   +47 63818146                               Norway |__|
(_____)-- E-mail: paalh@unik.no -- http://www.unik.no/~paalh --(_____)