Date:      Fri, 24 Mar 2000 12:36:12 +0000
From:      Brian Somers <brian@Awfulhak.org>
To:        Kris Kennaway <kris@freebsd.org>
Cc:        Olaf Hoyer <ohoyer@fbwi.fh-wilhelmshaven.de>, security@freebsd.org, brian@hak.lan.Awfulhak.org
Subject:   Re: New article 
Message-ID:  <200003241236.MAA02043@hak.lan.Awfulhak.org>
In-Reply-To: Message from Kris Kennaway <kris@freebsd.org>  of "Thu, 23 Mar 2000 17:41:05 PST." <Pine.BSF.4.21.0003231738450.51855-100000@freefall.freebsd.org> 


> On Fri, 24 Mar 2000, Olaf Hoyer wrote:
> 
> > Question: Is a loadable kernel module not a potential security risk?
> 
> Only if your machine is insecurely configured.
> 
> > Imagine some attacker exchanging some kernel module against own code, and
> > causing that module to be loaded (say, some driver for access to certain
> > filesystems, or zip drive etc...), or waiting for the module to be loaded
> > (say, for regular, scheduled activities like backups or batch jobs or so)
> 
> This is why one of the first steps in securing that box should be to give
> the modules the noschg flag. Hmm, probably this should be done by
> default, like we noschg the kernel at install-time.

The same should be done to the directory itself.  Ditto for /bin, 
/usr/bin, /sbin, /usr/sbin etc - in fact, anything that's in root's 
path.

And what about /etc/{*passwd,*pwd.db} ?  Methinks this is a large 
can of worms !

> Kris
> 
> ----
> In God we Trust -- all others must submit an X.509 certificate.
>     -- Charles Forsythe <forsythe@alum.mit.edu>
-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>                    <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !
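
The audit this thread implies, as an added example that is not part of the original message: list every directory in root's path, and every entry inside it, that lacks the system-immutable flag (`chflags schg`, `SF_IMMUTABLE`). The function names and the injectable `get_flags`/`listdir` parameters are assumptions made for illustration; the default directory list is the one named in the reply above.

```python
import os
import stat

# Directories named in the reply; root's PATH is appended at run time.
THREAD_DIRS = ["/bin", "/usr/bin", "/sbin", "/usr/sbin"]


def bsd_flags(path):
    """Return BSD file flags for path, or None where st_flags is unsupported."""
    return getattr(os.lstat(path), "st_flags", None)


def is_schg(flags):
    """True when the system-immutable bit (chflags schg) is set."""
    return flags is not None and bool(flags & stat.SF_IMMUTABLE)


def root_path_dirs(path_env):
    """Split a PATH value, dropping empty and relative entries."""
    return [p for p in path_env.split(os.pathsep) if p.startswith("/")]


def audit(dirs, get_flags=bsd_flags, listdir=os.listdir):
    """Return sorted paths (each directory and its entries) lacking schg.

    A directory without the flag is reported even when every file in it is
    flagged, because entries can still be added to or removed from it.
    """
    missing = set()
    for d in dict.fromkeys(dirs):          # de-duplicate, keep order
        try:
            names = listdir(d)
        except OSError:
            continue                       # absent or unreadable directory
        for path in [d] + [os.path.join(d, n) for n in names]:
            try:
                if not is_schg(get_flags(path)):
                    missing.add(path)
            except OSError:
                missing.add(path)          # cannot stat: treat as unverified
    return sorted(missing)


if __name__ == "__main__":
    dirs = THREAD_DIRS + root_path_dirs(os.environ.get("PATH", ""))
    for p in audit(dirs):
        print("no schg:", p)
```

Run it as root on the FreeBSD host and append the kernel module directory to the list; on a platform without `st_flags` every path is reported, since the flag cannot be verified there.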








