From owner-freebsd-security Mon May 25 08:11:26 1998
Return-Path:
Received: (from majordom@localhost)
    by hub.freebsd.org (8.8.8/8.8.8) id IAA02931
    for freebsd-security-outgoing; Mon, 25 May 1998 08:11:26 -0700 (PDT)
    (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from gateman.zeus.leitch.com (gateman.zeus.leitch.com [204.187.61.193])
    by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA02910
    for ; Mon, 25 May 1998 08:11:15 -0700 (PDT)
    (envelope-from woods@tap.zeus.leitch.com)
Received: from zeus.leitch.com (tap.zeus.leitch.com [204.187.61.10])
    by gateman.zeus.leitch.com (8.8.5/8.7.3/1.0) with ESMTP id LAA19239;
    Mon, 25 May 1998 11:10:31 -0400 (EDT)
Received: from brain.zeus.leitch.com (brain.zeus.leitch.com [204.187.61.32])
    by zeus.leitch.com (8.7.5/8.7.3/1.0) with ESMTP id LAA26676;
    Mon, 25 May 1998 11:10:43 -0400 (EDT)
Received: (from woods@localhost)
    by brain.zeus.leitch.com (8.8.8/8.8.8) id LAA05638;
    Mon, 25 May 1998 11:10:42 -0400 (EDT)
    (envelope-from woods@tap.zeus.leitch.com)
Date: Mon, 25 May 1998 11:10:42 -0400 (EDT)
Message-Id: <199805251510.LAA05638@brain.zeus.leitch.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
From: woods@zeus.leitch.com (Greg A. Woods)
To: ark@eltex.spb.ru
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Virus on FreeBSD
In-Reply-To: ark@eltex.spb.ru's message of "Fri, May 22, 1998 14:02:08 GMT"
    regarding "Re: Virus on FreeBSD"
    id <199805221402.OAA16417@paranoid.eltex.spb.ru>
References: <199805211901.PAA23176@brain.zeus.leitch.com>
    <199805221402.OAA16417@paranoid.eltex.spb.ru>
X-Mailer: VM 6.45 under Emacs 20.2.1
Reply-To: freebsd-security@FreeBSD.ORG
Organization: Planix, Inc.; Toronto, Ontario; Canada
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

[ On Fri, May 22, 1998 at 14:02:08 (GMT), ark@eltex.spb.ru wrote: ]
> Subject: Re: Virus on FreeBSD
>
> 2.1.7.1 does not have NO_LKM option in LINT. Don't know if it does
> something for that system.

Looks like the RELENG_2_1_0 branch only has the changes to disallow LKM
manipulations in "secure mode" (i.e. securelevel > 0) (prior to 2.1.5).
RELENG_2_2 had the NO_LKM option pulled in as of 2.2.6.

Now that I look at the way NO_LKM was implemented, I think it could be a
*lot* more aggressive in the amount of code it comments out. All it
appears to do now is inhibit the initialization of the LKM "driver".

--
Greg A. Woods

+1 416 443-1734 VE3TCP
Planix, Inc. ; Secrets of the Weird

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message