[nycbug-talk] kernels

Pete Wright pete
Thu Jun 3 18:06:02 EDT 2004 

Roland C. Dowdeswell wrote:

>On 1086299387 seconds since the Beginning of the UNIX epoch
>Bob Ippolito wrote:
>  
>
>
>  
>
>>On Jun 3, 2004, at 5:34 PM, Roland C. Dowdeswell wrote:
>>
>>    
>>
>>>On 1086295432 seconds since the Beginning of the UNIX epoch
>>>Bob Ippolito wrote:
>>>      
>>>
>>>>The security argument is kind of silly, because if that really was a
>>>>concern you could add a sysctl that lets you turn module loading off
>>>>(forever) at runtime.  So you boot up, load your modules, and turn
>>>>module loading off.  In practice, nobody really does this (as far as I
>>>>know) because only root can load kernel modules and root can do
>>>>whatever he wants anyway, whether or not the kernel is split into 1 or
>>>>1000 pieces.
>>>>        
>>>>
>>>There are things that you do not want to allow even root to do
>>>without dropping into single user mode on the console.  And you
>>>have to disable LKM loading in order to get there.  E.g. on NetBSD
>>>in secure level > 0, root cannot grovel the PCI bus and directly
>>>access hardware, write to immutable files, etc.
>>>      
>>>
>>Sure, but that is completely orthogonal to *having* LKM.  It's very 
>>easy to have a kill-switch sysctl that turns it off until the next 
>>reboot.
>>    
>>
>
>Yes, of course.  I was just pointing out that one of your assertions,
>``root can do whatever he wants anyway'' is not entirely accurate.
>I was not arguing that a switch to turn off LKM loading would not
>solve the issue, in fact that's how NetBSD deals with it.  LKMs
>are not allowed to be loaded or unloaded in securelevel > 0.
>  
>

how does setting the securelevel in NetBSD work?  i'm not very familiar 
with it :(  Is this a boot time option, or kernel compiletime option?  
I'd assume setting security levels ala sysctl would not be the best 
thing.  If someone get's root, then can alter sysctl parms. etc....

-p


>--
>    Roland Dowdeswell                      http://www.Imrryr.ORG/~elric/
>  
>


-- 
~~~oO00Oo~~~
Pete Wright
email:  pete at nomadlogic.org
mobile: 917.415.9866
web:    www.nomadlogic.org/~pete

More information about the talk mailing list