Date: Fri, 12 Jan 2001 17:52:21 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Jason Smethers <jsmethers@pdq.net> Cc: current@FreeBSD.ORG Subject: Re: module privlages Message-ID: <20010112175221.E23818@citusc.usc.edu> In-Reply-To: <000f01c07cbb$379df040$edcf1f40@pdq.net>; from jsmethers@pdq.net on Fri, Jan 12, 2001 at 11:15:09AM -0600 References: <000f01c07cbb$379df040$edcf1f40@pdq.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--T6xhMxlHU34Bk0ad Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I'm not sure what the point of this would really be..nor how you could enforce it. Perhaps you should submit a proof of concept ;-) Kris On Fri, Jan 12, 2001 at 11:15:09AM -0600, Jason Smethers wrote: > Has anyone put any thought into putting restrictions on what a module > can modify when loaded into the kernel? If there is, say, ever binary > third party driver support and this is provided without source some > restrictions on what kernel data this module can link to and modify > when loaded might be a good idea. >=20 > I was thinking something along the lines of a list of symbols that a > kernel module may call, and a list of symbols that a kernel module may > modify. Allowing the update of these lists may be a little tricky to > prevent already load modules from detecting this and adding their own > symbols. >=20 > Doing this with module types might be simple. When a module is loaded > it would contain flags to the module type(s) it is uses and this > selects the list of symbols it may interact with. A module may be then > be used to update these symbols but root is warned and must OK a load > of a kernel module with the type which allows updating the symbol > lists. >=20 > With the module types it would also help prevent a module from messing > around in an area that is not expected from such a module. e.g. a > network driver messing around in the VFS. >=20 > Any thoughts? >=20 > - Jason >=20 >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message --T6xhMxlHU34Bk0ad Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6X7TVWry0BWjoQKURAoAJAJ4kptl5TXrqkz4eALO0h4OeVLEohACfSb0N TAsiZ+ZNryZFQz9IIVBTR3Q= =DwzM -----END PGP SIGNATURE----- --T6xhMxlHU34Bk0ad-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010112175221.E23818>