Re: Misc Fixes

Zefram (
Fri, 12 Jul 1996 17:12:11 +0100 (BST)

>Just insisting a module loader was started before the securelevel was raised
>would do the job I think.

I don't think so. There are ways the process could be manipulated --
writing to its inode, for one. Requiring the inode to be immutable
would help somewhat. ptrace also has possibilities, and one really
doesn't want to disable that normally. Anyway, where is kerneld going
to get the modules from? Is / immutable, and /lib, and

I think the only solution is to entirely disallow module loading and
unloading at a sufficiently high securelevel. In such a secure
environment it will be necessary to load all required modules before
going secure -- not too burdensome, I'm sure you'll agree.