Date: Mon, 20 May 1996 13:50:18 -0500 From: Alex Nash <alex@orion.fa.tdktca.com> To: bde@zeta.org.au Cc: wollman@lcs.mit.edu, hackers@freebsd.org Subject: Re: unionfs Message-ID: <199605201850.NAA31412@orion.fa.tdktca.com>
next in thread | raw e-mail | index | archive | help
> It should be possible for anyone to ask a trusted server to load
> trusted LKMs. However, LKMs can't be loaded if securelevel > 0,
> so it is best not to depend on loading them on demand.
What a coincindence, I was just wondering if it was possible to
load LKMs in secure mode just this morning (prompted by Garrett's
IPFW concerns). Unfortunately I can't test this empirically with
the FreeBSD systems here, so I've been looking through the code
to see if this was allowed. As far as I can tell, the file system
operations affected by securelevel are:
/ufs/ufs/ufs_vnops.c:
Check secure level when dealing with immutable and append
only flags.
/miscfs/specfs/spec_vnops.c:
Do not allow opens for writing to disk character devices
when securelevel is 2 or greater.
Do not allow opens for writing of /dev/mem and /dev/kmem,
or character devices that are currently mounted when secure
level is 1 or greater.
Do not allow opens for writing of any disk block devices
when secure level is 2 or greater.
Since modload opens a character device which is not a disk device,
I don't think securelevel prevents LKMs from being loaded (but I
agree that it should).
What did I miss?
Alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199605201850.NAA31412>