|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: D J Hawkey Jr (hawkeyd
visi.com)Date: Sat Sep 08 2001 - 10:53:08 CDT
On Sep 08, at 06:37 PM, Peter Pentchev wrote:
>
> > Q: Can the kernel be "forced" to load a module from within itself? That
> > is, does a cracker need to be in userland?
>
> Yes, certainly; all kldload(8) does is invoke the kldload(2) syscall,
> nothing more, nothing userspace-magical.
> All a kernel routine needs to do is either invoke that syscall, or
> call the internal kernel functions that kldload(2) calls, like e.g.
> linker_find_file_by_name() and linker_load_file() in sys/kern/kern_linker.c
Ah. Well then, as I wrote to Kris, the kernel has to deny KLD loading
altogether, it should be a build-time option, and it should have nothing
to over-ride this.
Or am I still being too simplistic? I haven't been using KLD- or LKM-
aware systems very long (~one year), but so far I've had little use for
them (the modules). I get a box, I configure the kernel to it, and that's
that. If the box changes, I build a new kernel. At least for the servers
I've set up, this works fine. Now, a development or users' box, well...
> G'luck,
> Peter
You too,
Dave
--Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?"
To Unsubscribe: send mail to majordomo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]