From owner-freebsd-security Thu Mar 23 17:41: 7 2000 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id B3FE637B866; Thu, 23 Mar 2000 17:41:05 -0800 (PST) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id RAA53761; Thu, 23 Mar 2000 17:41:06 -0800 (PST) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Thu, 23 Mar 2000 17:41:05 -0800 (PST) From: Kris Kennaway To: Olaf Hoyer Cc: security@FreeBSD.ORG Subject: Re: New article In-Reply-To: <4.1.20000324022914.00cbed30@mail.rz.fh-wilhelmshaven.de> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 24 Mar 2000, Olaf Hoyer wrote: > Question: Is a loadable kernel module not a potential security risk? Only if your machine is insecurely configured. > Imagine some attacker exchanging some kernel module against own code, and > causing that module to be loaded (say, some driver for access to certain > filesystems, or zip drive etc...), or waiting for the module to be loaded > (say, for regular, scheduled activities like backups or batch jobs or so) This is why one of the first steps in securing that box should be to give the modules the noschg flag. Hmm, probably this should be done by default, like we noschg the kernel at install-time. Kris ---- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message