Re: Misc Fixes

Philip Blundell (pjb27@cam.ac.uk)
Sat, 13 Jul 1996 14:44:16 +0100 (BST)


On Fri, 12 Jul 1996, Steffen Grunewald wrote:

> |> It doesn't help. The malicious module does
> |>
> |> unsigned long **ptr=(unsigned long **)&get_securelevel;
> |> unsigned long *securelevelptr=ptr[SOME_CONSTANT];
> |> *securelevelptr=0;
>
> So we have to implement some `immutable memory' mechanism. Once the
> securelevel is set, it has to be (and the whole page) turned to readonly.
> What a waste of valuable memory! (I hear people complain about kernel
> bloat once again :-)

No. As Alan said, we just have to disallow module loads. If you start
allowing untrusted code to be inserted into the kernel, you can abandon
all pretence at security.

Because modules run with kernel privilege, there's nothing you can do to
keep them in check. If you set the page to be readonly, the rogue module
can just set it back again.

P.