tech-embed archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: LKM
On Fri, Sep 14, 2001 at 06:16:41PM +0200, Pål Halvorsen wrote:
> Is there any mechanisms that verify that the code in "loadable kernel
> modules" is safe and does not perform operations compromising system
> integrity?
Yes. reading the LKM source code thouroughly. Then reading it again. Then
imagine how you would go about to abuse it, and ponder if this would work.
Then get a couple of real crackerwizards (not 3l33t h@x0rz) to try the same.
If still nothing suspicious turns up, you're safe for a while to use that
LKM.
Sorry, there is no better answer. We have a monolithic kernel; whatever is
inside it, is basically omnipotent and omnicient. That is the reason we can
(with normal security settings) only load LKMs from single user mode.
Regards,
-is
Home |
Main Index |
Thread Index |
Old Index