Date: Thu, 23 Mar 2000 17:41:05 -0800 (PST) From: Kris Kennaway <kris@FreeBSD.org> To: Olaf Hoyer <ohoyer@fbwi.fh-wilhelmshaven.de> Cc: security@FreeBSD.ORG Subject: Re: New article Message-ID: <Pine.BSF.4.21.0003231738450.51855-100000@freefall.freebsd.org> In-Reply-To: <4.1.20000324022914.00cbed30@mail.rz.fh-wilhelmshaven.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 24 Mar 2000, Olaf Hoyer wrote:
> Question: Is a loadable kernel module not a potential security risk?
Only if your machine is insecurely configured.
> Imagine some attacker exchanging some kernel module against own code, and
> causing that module to be loaded (say, some driver for access to certain
> filesystems, or zip drive etc...), or waiting for the module to be loaded
> (say, for regular, scheduled activities like backups or batch jobs or so)
This is why one of the first steps in securing that box should be to give
the modules the noschg flag. Hmm, probably this should be done by
default, like we noschg the kernel at install-time.
Kris
----
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003231738450.51855-100000>