Date: Wed, 8 May 2002 11:16:07 -0700
From: "Crist J. Clark"
To: Miguel Mendez
Cc: hackers@FreeBSD.ORG
Subject: Re: extra sanity check in modules

On Wed, May 08, 2002 at 05:16:35PM +0200, Miguel Mendez wrote:
> Hi,
>
> I've been thinking of adding an extra check in kldload. My idea is to have
> an md5 sum per module, so for foo.ko we'd have foo.ko.md5. At load time
> the md5 is checked, if it doesn't test ok the module is not loaded. The
> md5 files could be chflagged as immutable for extra security. Is it worth
> having this or just a silly idea? I might start hacking on my DP1 box on
> this thing later.

What does it gain you? If someone can modify the foo.ko, they can modify the foo.ko.md5.
What does making foo.ko.md5 immutable do that just making foo.ko immutable wouldn't?

-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org
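
Added example, not part of the original message or of FreeBSD's code: a Python sketch of the point raised in the reply. `sidecar_check` models the proposed foo.ko.md5 comparison; `pinned_check` and its `pinned` dictionary are hypothetical stand-ins for a digest kept where the module's writer cannot modify it, and the file contents are constructed.

```python
import hashlib
import tempfile
from pathlib import Path


def md5_hex(path: Path) -> str:
    return hashlib.md5(path.read_bytes()).hexdigest()


def write_sidecar(module: Path) -> None:
    """Record the module's digest next to it, as foo.ko.md5."""
    Path(str(module) + ".md5").write_text(md5_hex(module) + "\n")


def sidecar_check(module: Path) -> bool:
    """The proposed load-time check: compare foo.ko with foo.ko.md5."""
    sidecar = Path(str(module) + ".md5")
    if not sidecar.is_file():
        return False  # missing digest: refuse to load
    return sidecar.read_text().strip() == md5_hex(module)


def pinned_check(module: Path, pinned: dict) -> bool:
    """Hypothetical contrast: digest held outside the module writer's reach."""
    return pinned.get(module.name) == md5_hex(module)


def demo() -> dict:
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        module = Path(tmp) / "foo.ko"
        module.write_bytes(b"constructed original module bytes")
        write_sidecar(module)
        pinned = {module.name: md5_hex(module)}  # stands in for protected storage
        results["clean"] = (sidecar_check(module), pinned_check(module, pinned))

        # Module changed, sidecar untouched: the sidecar check catches it.
        module.write_bytes(b"constructed modified module bytes")
        results["module_only"] = (sidecar_check(module), pinned_check(module, pinned))

        # The same write access regenerates foo.ko.md5: the sidecar check passes.
        write_sidecar(module)
        results["module_and_sidecar"] = (sidecar_check(module), pinned_check(module, pinned))
    return results


if __name__ == "__main__":
    for case, (sidecar_ok, pinned_ok) in demo().items():
        print(f"{case:20} sidecar={sidecar_ok} pinned={pinned_ok}")
```

The sidecar comparison only fails in the middle case, where the module changes but foo.ko.md5 does not; once both files are writable by the same party it reports success again.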