From owner-freebsd-hackers  Wed May  8 11:31:40 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from energyhq.homeip.net (213-97-200-73.uc.nombres.ttd.es [213.97.200.73])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9894337B409; Wed,  8 May 2002 11:31:33 -0700 (PDT)
Received: by energyhq.homeip.net (Postfix, from userid 1001)
	id 4A4AB3FC2F; Wed,  8 May 2002 20:31:30 +0200 (CEST)
Date: Wed, 8 May 2002 20:31:30 +0200
From: Miguel Mendez <flynn@energyhq.homeip.net>
To: "Crist J. Clark" <cjc@FreeBSD.ORG>
Cc: hackers@FreeBSD.ORG
Subject: Re: extra sanity check in modules
Message-ID: <20020508203130.A50402@energyhq.homeip.net>
References: <20020508171635.A50078@energyhq.homeip.net> <20020508111607.C94469@blossom.cjclark.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="YZ5djTAD1cGYuMQK"
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <20020508111607.C94469@blossom.cjclark.org>; from cjc@FreeBSD.ORG on Wed, May 08, 2002 at 11:16:07AM -0700
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG


--YZ5djTAD1cGYuMQK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, May 08, 2002 at 11:16:07AM -0700, Crist J. Clark wrote:

> What does it gain you? If someone can modify the foo.ko, they can
> modify the foo.ko.md5. What does making foo.ko.md5 immutable do that
> that just making foo.ko immutable wouldn't?

Hmmm, okay, so what if the md5 data is stored in a read only place? I wasn'=
t=20
only thinking about security here, I was also thinking about a way to
avoid loading a module in case somehow it became corrupted. I'll go
ahead and do it anyway and post the patch somewhere, don't really care
if people end up using it or not.

Cheers,
--=20
        Miguel Mendez - flynn@energyhq.homeip.net
        GPG Public Key :: http://energyhq.homeip.net/files/pubkey.txt
        EnergyHQ :: http://www.energyhq.tk
        FreeBSD - The power to serve!

--YZ5djTAD1cGYuMQK
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQE82W8CnLctrNyFFPERAqTBAJ4v9XWKOSq2XxSEqz99Trt1M72m4ACbBArT
aXPTcaRwi5JTKNpHzhH/X9o=
=uOFr
-----END PGP SIGNATURE-----

--YZ5djTAD1cGYuMQK--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message