From owner-cvs-all Tue Apr 4 12:33:38 2000 Delivered-To: cvs-all@freebsd.org Received: from anchor-post-34.mail.demon.net (anchor-post-34.mail.demon.net [194.217.242.92]) by hub.freebsd.org (Postfix) with ESMTP id 1152037B6F1; Tue, 4 Apr 2000 12:33:30 -0700 (PDT) (envelope-from dfr@nlsystems.com) Received: from nlsys.demon.co.uk ([158.152.125.33] helo=herring.nlsystems.com) by anchor-post-34.mail.demon.net with esmtp (Exim 2.12 #1) id 12cZ4g-0005uS-0Y; Tue, 4 Apr 2000 20:33:19 +0100 Received: from salmon.nlsystems.com (salmon.nlsystems.com [10.0.0.3]) by herring.nlsystems.com (8.9.3/8.8.8) with ESMTP id UAA68610; Tue, 4 Apr 2000 20:38:14 +0100 (BST) (envelope-from dfr@nlsystems.com) Date: Tue, 4 Apr 2000 20:39:39 +0100 (BST) From: Doug Rabson To: Nick Hibma Cc: Bill Fumerola , Warner Losh , "Jonathan M. Bresler" , cvs-committers@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: src/sys/dev/usb usb.h src/usr.sbin/usbd usbd.c In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 4 Apr 2000, Nick Hibma wrote: > > > Since this is userland, I assume that the autoload will happen only if > > > the security level will allow it? If not, there's a problem here. > > > > FYI, I'm pretty sure the same technique is used when ifconfig(8)ing a interface > > that isn't loaded, or running vinum(8) without it in the kernel, etc. > > > > If this is allowed, it's kldload() to blame, not usbd/ifconfig/vinum > > It is definitely true that kldload should enforce the security settings, > not userland utils (that are straightforward to write). kldload(2) will refuse to load the module if the securelevel is raised. -- Doug Rabson Mail: dfr@nlsystems.com Nonlinear Systems Ltd. Phone: +44 181 442 9037 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message