> Since the cracker/hacker community is actively drooling over this route
> to undermining security, isn't the time ripe to add some superior facilities
> to control kernel-module loading and authenticate modules ?
What's wrong with using securelevel (2.0) or capabilities (2.2)? AIUI,
inserting and removing modules requires securelevel <= 0 (2.0) or the
CAP_SYS_MODULE capability. I'm not familiar with using securelevel or
capabilities, but I presume the former prevents you from reducing securelevel
except in single user mode (looking at the code, it seems only init can
reduce securelevel, which makes sense); presumably with the latter init
just drops CAP_SYS_MODULE from the inheritable set, along with whatever
capabilities allow you to set capabilities to executables.
If that's wrong, I'm sure someone will correct me.
-- "House Plants are for ornamental use only and not for consumption" Notice in Sainsbury's Supermarket, London - Daily Mail- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/