From owner-freebsd-current Wed Nov 5 20:02:15 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id UAA11810 for current-outgoing; Wed, 5 Nov 1997 20:02:15 -0800 (PST) (envelope-from owner-freebsd-current) Received: from time.cdrom.com (root@time.cdrom.com [204.216.27.226]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id UAA11799 for ; Wed, 5 Nov 1997 20:02:11 -0800 (PST) (envelope-from jkh@time.cdrom.com) Received: from time.cdrom.com (jkh@localhost.cdrom.com [127.0.0.1]) by time.cdrom.com (8.8.7/8.6.9) with ESMTP id UAA04477; Wed, 5 Nov 1997 20:01:14 -0800 (PST) To: Chuck Robey cc: Matthew Thyer , freebsd-current@FreeBSD.ORG Subject: Re: [Fwd: Malicious Linux modules - be worried !] In-reply-to: Your message of "Wed, 05 Nov 1997 19:47:03 EST." Date: Wed, 05 Nov 1997 20:01:14 -0800 Message-ID: <4473.878788874@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-freebsd-current@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > I don't always tend to be the most paranoid person around, so it seems a > lot of trouble, tho, because if someone's got root privs already, this is > just one of many possible things to kill. Why go to this kind of trouble, True, though the whole idea with BSD's secure levels is to make a root compromise far less potentially damaging if you've set up the server in question to be "hardened" against such things. The fact that this doesn't always work 100% in practice is still not a general indictment of the whole concept, however, as it's a pretty good idea to try and make a machine secure enough that physical access is required to seriously compromise it. Perhaps we should add a hook to disable the loading of LKMs entirely if the secure level is above a certain number. Jordan