Date: Sat, 8 Sep 2001 20:39:35 +0200 From: Alexander Langer <alex@big.endian.de> To: D J Hawkey Jr <hawkeyd@visi.com> Cc: deepak@ai.net, freebsd-security@FreeBSD.ORG Subject: Re: Kernel-loadable Root Kits Message-ID: <20010908203935.B54535@fump.kawo2.rwth-aachen.de> In-Reply-To: <20010908105308.A78138@sheol.localdomain>; from hawkeyd@visi.com on Sat, Sep 08, 2001 at 10:53:08AM -0500 References: <GPEOJKGHAMKFIOMAGMDIGEHGFHAA.deepak_ai.net@ns.sol.net> <200109081052.f88AqRG30016@sheol.localdomain> <20010908141700.A53738@fump.kawo2.rwth-aachen.de> <20010908072542.A57605@sheol.localdomain> <20010908143231.A53801@fump.kawo2.rwth-aachen.de> <20010908074445.A77252@sheol.localdomain> <20010908181537.A840@ringworld.oblivion.bg> <20010908102816.B77764@sheol.localdomain> <20010908183728.D840@ringworld.oblivion.bg> <20010908105308.A78138@sheol.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
Thus spake D J Hawkey Jr (hawkeyd@visi.com): > Ah. Well then, as I wrote to Kris, the kernel has to deny KLD loading > altogether, it should be a build-time option, and it should have nothing > to over-ride this. > Or am I still being too simplistic? I haven't been using KLD- or LKM- You'd have to remove the whole kld code then, including all linker_file stuff. And, given that, you can still use /dev/mem to manipulate the kernel. Alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010908203935.B54535>