Date: Thu, 06 Nov 1997 06:49:13 -0800 From: "Jordan K. Hubbard" <jkh@time.cdrom.com> To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) Cc: freebsd-current@FreeBSD.ORG Subject: Re: [Fwd: Malicious Linux modules - be worried !] Message-ID: <8654.878827753@time.cdrom.com> In-Reply-To: Your message of "Thu, 06 Nov 1997 09:11:49 %2B0100." <19971106091149.JR42640@uriah.heep.sax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Yeah, yeah, so I sent that message before reading Garrett and everyone else's messages about how that worked already. :-) > As Jordan K. Hubbard wrote: > > > Perhaps we should add a hook to disable the > > loading of LKMs entirely if the secure level is above a certain > > number. > > You mean, something like these checks? :-) > > /sys/kern/kern_lkm.c: if ((flag & FWRITE) == 0 || securelevel > 0) > /sys/kern/kern_lkm.c: if ((flag & FWRITE) == 0 || securelevel > 0) > /sys/kern/kern_lkm.c: if ((flag & FWRITE) == 0 || securelevel > 0) > /sys/kern/kern_lkm.c: if ((flag & FWRITE) == 0 || securelevel > 0) > /sys/kern/kern_lkm.c: if ((flag & FWRITE) == 0 || securelevel > 0) > > -- > cheers, J"org > > joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE > Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8654.878827753>