From owner-freebsd-current Thu Mar 21 4:18:58 2002 Delivered-To: freebsd-current@freebsd.org Received: from mailhub.fokus.gmd.de (mailhub.fokus.gmd.de [193.174.154.14]) by hub.freebsd.org (Postfix) with ESMTP id D51DB37B427; Thu, 21 Mar 2002 04:18:34 -0800 (PST) Received: from beagle (beagle [193.175.132.100]) by mailhub.fokus.gmd.de (8.11.6/8.11.6) with ESMTP id g2LCIVb13699; Thu, 21 Mar 2002 13:18:32 +0100 (MET) Date: Thu, 21 Mar 2002 13:18:31 +0100 (CET) From: Harti Brandt To: current@freebsd.org, , Subject: Rev. 1.82 of kern_linker.c disables module loads... Message-ID: <20020321131551.T18713-100000@beagle.fokus.gmd.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello, This revision of kern_linker.c entirly disables module loads from /etc/rc during boot: revision 1.82 date: 2002/03/20 16:03:42; author: arr; state: Exp; lines: +10 -6 - Change a check of securelevel to securelevel_gt() call in order to help against users within a jail attempting to load kernel modules. - Add a check of securelevel_gt() to vfs_mount() in order to chop some low hanging fruit for the repair of securelevel checking of linking and unlinking files from within jails. There is more to be done here. Reviewed by: rwatson Regards, harti -- harti brandt, http://www.fokus.gmd.de/research/cc/cats/employees/hartmut.brandt/private brandt@fokus.fhg.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message