Re: Misc Fixes

Zefram (
Tue, 9 Jul 1996 17:23:13 +0100 (BST)

>Tried getting this patch through during 1.3; Linus rejected it as making
>it too easy for module to circumvent securelevel. The fix he wanted was
>write a functional interfaces so that it would be possible for ext2 to
>obtain the current securelevel settings, without being able to set it.

Unless I'm gravely mistaken about the nature of Linux modules, any
loaded module can *actually* modify securelevel -- or indeed do
anything that the current securelevel would normally prohibit --
regardless of this patch. The only difference is that without this
patch (a) a lot of things are not easily modularised and (b) it's
non-trivial to write a module to maliciously change the securelevel
(though still easy to do other nasty things).

A function such as you describe will effectively give away the address
of securelevel to malicious code (it knows where the function is and
doesn't need to do as much as a disassembly), but will still hinder
legitimate code. The obvious solution is to disallow loading/unloading
of modules at a sufficiently high securelevel.