Date: Mon, 10 Jul 2000 01:54:06 +0200 (CEST) From: Marius Bendiksen <mbendiks@eunet.no> To: Adam <bsdx@looksharp.net> Cc: Alfred Perlstein <bright@wintelcom.net>, arch@FreeBSD.ORG Subject: Re: making the snoop device loadable. Message-ID: <Pine.BSF.4.05.10007100149380.88568-100000@login-1.eunet.no> In-Reply-To: <Pine.BSF.4.21.0007091524430.407-100000@turtle.looksharp.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Why did it exist from FreeBSD-WhoKnowsWhen until 1999? I'd like to use X As I recall, this had something to do with shrinking the kernel for PicoBSD, amongst other things. > why NO_LKM is bad but couldn't find anything. Could you help me find a > discussion on it or tell me why disabling kernel modules is *not* > security? Assuming I'd notice a reboot and would consequently whup some > butt if someone did. Thing is; disabling kernel modules will avail you little, as an illegitimate user can still use the memory devices to access physical memory, and thus binary patch a live kernel. This is hard, but it can, and has been done. Eivind mentioned one particular case with a person who binary-patched the kernel of an old Unix to bypass the 14 character file name length limitation without severing the uptime. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.10007100149380.88568-100000>