Date: Sun, 09 Jul 2000 20:45:12 -0400 From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Marius Bendiksen <mbendiks@eunet.no> Cc: Adam <bsdx@looksharp.net>, Alfred Perlstein <bright@wintelcom.net>, arch@FreeBSD.ORG Subject: Re: making the snoop device loadable. Message-ID: <39691C98.2C0DF9F7@vangelderen.org> References: <Pine.BSF.4.05.10007100149380.88568-100000@login-1.eunet.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Marius Bendiksen wrote:
>
> > Why did it exist from FreeBSD-WhoKnowsWhen until 1999? I'd like to use X
>
> As I recall, this had something to do with shrinking the kernel for
> PicoBSD, amongst other things.
>
> > why NO_LKM is bad but couldn't find anything. Could you help me find a
> > discussion on it or tell me why disabling kernel modules is *not*
> > security? Assuming I'd notice a reboot and would consequently whup some
> > butt if someone did.
>
> Thing is; disabling kernel modules will avail you little, as an
> illegitimate user can still use the memory devices to access physical
> memory, and thus binary patch a live kernel. This is hard, but it can, and
> has been done.
Sure. But that may not be in one's threat model. Sure, a
NO_KLD could be worked around in theory but maybe not in
practice; Which means it can be very useful albeit maybe
not for you.
Cheers,
Jeroen
--
Jeroen C. van Gelderen o _ _ _
jeroen@vangelderen.org _o /\_ _ \\o (_)\__/o (_)
_< \_ _>(_) (_)/<_ \_| \ _|/' \/
(_)>(_) (_) (_) (_) (_)' _\o_
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39691C98.2C0DF9F7>