modules and securelevel

Kai Schulte (sp0005@aixrs1.hrz.uni-essen.de)
Fri, 12 Jul 1996 23:50:06 +0200 (MESZ)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paolo Supino: "eepro.c port list"
Previous message: Eric Benson: "Is any file system on Linux appropriate for very large directories?"
In reply to: Alan Cox: "Re: Misc Fixes"
Next in thread: Stephen C. Tweedie: "Re: Misc Fixes"

> Not to jump in or anything, but...
> How about a small kernel function to return the current securelevel value?
> int get_securelevel();
> Then export THAT to modules.

I must be missing something here... if you really want to attack the
kernel you are running in you could always take the address of
get_securelevel(), follow it to see where the "mov" reads from, and then
write to that location.

Protecting the kernel against each module would cause a lot of unnecessary
overhead. Is there any good reason why modules should not be "trusted"
code?

Kai

Next message: Paolo Supino: "eepro.c port list"
Previous message: Eric Benson: "Is any file system on Linux appropriate for very large directories?"
In reply to: Alan Cox: "Re: Misc Fixes"
Next in thread: Stephen C. Tweedie: "Re: Misc Fixes"