Re: modules and securelevel

Mike Shaver (shaver@neon.ingenia.ca)
Sat, 13 Jul 1996 11:02:41 -0400 (EDT)


Thus spake Kai Schulte:
> Protecting the kernel against each module would cause a lot of unnecessary
> overhead. Is there any good reason why modules should not be "trusted"
> code?

There's no real reason, I don't think.
The problem is that you need a way of determine who the code is
trusted by. Traditionally, we trust root to do that kind of thing to
the system. With the POSIX.6 (right?) and securelevel stuff, root no
longer has absolute control over the system. Thus, we need to have
some sort of ACL or securelevel test for determining when modules can
be loaded, and by whom.

I trust (heh) that Ted or Alan or Linus or Someone Else Who Knows will
step in and correct me if I'm wrong, but I think that's the gist of
it.

Mike

-- 
#> Mike Shaver (shaver@ingenia.com) Ingenia Communications Corporation <#
#> Paranoid for money.                            Sarcastic for kicks. <#
#>                                                                     <#
#> "They already *KNOW* I am a whacko, Karen.                          <#
#>                  That doesn't mean I am *WRONG*." -- mjr@clark.net  <#