Date: Fri, 15 Jun 2001 17:08:00 +0300 From: Peter Pentchev <roam@orbitel.bg> To: Dag-Erling Smorgrav <des@ofug.org> Cc: audit@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: new kldpath(8): display/modify the module search path Message-ID: <20010615170800.I94445@ringworld.oblivion.bg> In-Reply-To: <xzpd785lvb3.fsf@flood.ping.uio.no>; from des@ofug.org on Fri, Jun 15, 2001 at 03:36:00PM %2B0200 References: <20010615150639.D94445@ringworld.oblivion.bg> <xzpd785lvb3.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jun 15, 2001 at 03:36:00PM +0200, Dag-Erling Smorgrav wrote: > Peter Pentchev <roam@orbitel.bg> writes: > > Comments? Objections? Flames? > > I think it's a good idea, especially if it does additional checking > (like checking that the directory exists, and that it's owned by root > and isn't world-writeable). It currently only checks that the directory exists, and this check can be overridden by specifying an -f flag, just in case a startup script is adding a directory that is to be mounted later. But yes, the root-owned and !world-writable checks are a nice idea. Maybe kldpath should go ldconfig's way: check everything by default, and have an -i (insecure) option? > BTW, we should use : instead of ; as separators. This change wouldn't be too difficult to make - a one-line change to src/sys/kern/kern_linker.c - but that file has the following comment: * The search path can be manipulated via sysctl. Note that we use the ';' * character as a separator to be consistent with the bootloader. So, it could be a problem.. G'luck, Peter -- Hey, out there - is it *you* reading me, or is it someone else? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010615170800.I94445>