From owner-freebsd-current Fri Jan 12 17:51:25 2001 Delivered-To: freebsd-current@freebsd.org Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123]) by hub.freebsd.org (Postfix) with ESMTP id EBA4D37B404 for ; Fri, 12 Jan 2001 17:51:04 -0800 (PST) Received: (from kris@localhost) by citusc.usc.edu (8.9.3/8.9.3) id RAA24795; Fri, 12 Jan 2001 17:52:21 -0800 Date: Fri, 12 Jan 2001 17:52:21 -0800 From: Kris Kennaway To: Jason Smethers Cc: current@FreeBSD.ORG Subject: Re: module privlages Message-ID: <20010112175221.E23818@citusc.usc.edu> References: <000f01c07cbb$379df040$edcf1f40@pdq.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="T6xhMxlHU34Bk0ad" Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <000f01c07cbb$379df040$edcf1f40@pdq.net>; from jsmethers@pdq.net on Fri, Jan 12, 2001 at 11:15:09AM -0600 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --T6xhMxlHU34Bk0ad Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I'm not sure what the point of this would really be..nor how you could enforce it. Perhaps you should submit a proof of concept ;-) Kris On Fri, Jan 12, 2001 at 11:15:09AM -0600, Jason Smethers wrote: > Has anyone put any thought into putting restrictions on what a module > can modify when loaded into the kernel? If there is, say, ever binary > third party driver support and this is provided without source some > restrictions on what kernel data this module can link to and modify > when loaded might be a good idea. >=20 > I was thinking something along the lines of a list of symbols that a > kernel module may call, and a list of symbols that a kernel module may > modify. Allowing the update of these lists may be a little tricky to > prevent already load modules from detecting this and adding their own > symbols. >=20 > Doing this with module types might be simple. When a module is loaded > it would contain flags to the module type(s) it is uses and this > selects the list of symbols it may interact with. A module may be then > be used to update these symbols but root is warned and must OK a load > of a kernel module with the type which allows updating the symbol > lists. >=20 > With the module types it would also help prevent a module from messing > around in an area that is not expected from such a module. e.g. a > network driver messing around in the VFS. >=20 > Any thoughts? >=20 > - Jason >=20 >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message --T6xhMxlHU34Bk0ad Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6X7TVWry0BWjoQKURAoAJAJ4kptl5TXrqkz4eALO0h4OeVLEohACfSb0N TAsiZ+ZNryZFQz9IIVBTR3Q= =DwzM -----END PGP SIGNATURE----- --T6xhMxlHU34Bk0ad-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message