From owner-freebsd-doc@FreeBSD.ORG Sat Oct 25 18:50:24 2003 Return-Path: Delivered-To: freebsd-doc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15D6416A4B3 for ; Sat, 25 Oct 2003 18:50:24 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 343C243FDF for ; Sat, 25 Oct 2003 18:50:21 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h9Q1oLFY017465 for ; Sat, 25 Oct 2003 18:50:21 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h9Q1oLN6017464; Sat, 25 Oct 2003 18:50:21 -0700 (PDT) (envelope-from gnats) Resent-Date: Sat, 25 Oct 2003 18:50:21 -0700 (PDT) Resent-Message-Id: <200310260150.h9Q1oLN6017464@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-doc@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, "Christian S.J.Peron" Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D95B316A4B3 for ; Sat, 25 Oct 2003 18:45:00 -0700 (PDT) Received: from staff.seccuris.com (staff.seccuris.com [204.112.0.40]) by mx1.FreeBSD.org (Postfix) with SMTP id ED83743F75 for ; Sat, 25 Oct 2003 18:44:57 -0700 (PDT) (envelope-from maneo@staff.seccuris.com) Received: (qmail 41711 invoked by uid 1006); 26 Oct 2003 01:44:56 -0000 Message-Id: <20031026014456.41710.qmail@staff.seccuris.com> Date: 26 Oct 2003 01:44:56 -0000 From: "Christian S.J.Peron" To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: docs/58546: [patch] document how system security levels impact klds X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Christian S.J.Peron" List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Oct 2003 01:50:24 -0000 >Number: 58546 >Category: docs >Synopsis: [patch] document how system security levels impact klds >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Oct 25 18:50:20 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Christian S.J. Peron >Release: FreeBSD 4.8-RELEASE-p13 i386 >Organization: >Environment: System: FreeBSD movl 4.8-RELEASE-p13 FreeBSD 4.8-RELEASE-p13 #1: Sat Oct 25 16:45:55 UTC 2003 cperon@movl:/usr/src/sys/compile/STAFF i386 >Description: The kld(4) manual page does not document how system security levels can impact the loading and unloadng of kernel modules. >How-To-Repeat: N/A >Fix: --- share/man/man4/kld.4.old Sat Oct 25 19:38:06 2003 +++ share/man/man4/kld.4 Sat Oct 25 19:57:57 2003 @@ -88,6 +88,10 @@ .Xr kldstat 8 program is used to check the status of the modules currently loaded into the system. +.Pp +Kernel modules may only be loaded or unloaded if the system security level +.Dq kern.securelevel +is less than one. .Sh "MODULE TYPES" .Bl -ohang .It Em "Device Driver modules" @@ -125,7 +129,8 @@ .Xr devd 8 , .Xr kldload 8 , .Xr kldstat 8 , -.Xr kldunload 8 +.Xr kldunload 8 , +.Xr sysctl 8 .Sh BUGS If a module B, is dependent on another module A, but is not compiled with module A as a dependency, then >Release-Note: >Audit-Trail: >Unformatted: