From owner-freebsd-arch  Sun Jul  9 17:45:16 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from cypherpunks.ai (cypherpunks.ai [209.88.68.47])
	by hub.freebsd.org (Postfix) with ESMTP id 9EF5A37BB1C
	for <arch@FreeBSD.ORG>; Sun,  9 Jul 2000 17:45:13 -0700 (PDT)
	(envelope-from jeroen@vangelderen.org)
Received: from vangelderen.org (grolsch.ai [209.88.68.214])
	by cypherpunks.ai (Postfix) with ESMTP
	id DB26D4D; Sun,  9 Jul 2000 20:45:12 -0400 (AST)
Message-ID: <39691C98.2C0DF9F7@vangelderen.org>
Date: Sun, 09 Jul 2000 20:45:12 -0400
From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Marius Bendiksen <mbendiks@eunet.no>
Cc: Adam <bsdx@looksharp.net>,
	Alfred Perlstein <bright@wintelcom.net>, arch@FreeBSD.ORG
Subject: Re: making the snoop device loadable.
References: <Pine.BSF.4.05.10007100149380.88568-100000@login-1.eunet.no>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Marius Bendiksen wrote:
> 
> > Why did it exist from FreeBSD-WhoKnowsWhen until 1999?  I'd like to use X
> 
> As I recall, this had something to do with shrinking the kernel for
> PicoBSD, amongst other things.
> 
> > why NO_LKM is bad but couldn't find anything.  Could you help me find a
> > discussion on it or tell me why disabling kernel modules is *not*
> > security?  Assuming I'd notice a reboot and would consequently whup some
> > butt if someone did.
> 
> Thing is; disabling kernel modules will avail you little, as an
> illegitimate user can still use the memory devices to access physical
> memory, and thus binary patch a live kernel. This is hard, but it can, and
> has been done. 

Sure. But that may not be in one's threat model. Sure, a 
NO_KLD could be worked around in theory but maybe not in
practice; Which means it can be very useful albeit maybe
not for you.

Cheers,
Jeroen
-- 
Jeroen C. van Gelderen          o      _     _         _
jeroen@vangelderen.org  _o     /\_   _ \\o  (_)\__/o  (_)
                      _< \_   _>(_) (_)/<_    \_| \   _|/' \/
                     (_)>(_) (_)        (_)   (_)    (_)'  _\o_


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message