Date: Thu, 21 May 1998 13:07:58 -0400 (EDT) From: Robert Watson <robert@cyrus.watson.org> To: Philippe Regnauld <regnauld@deepo.prosa.dk> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Virus on FreeBSD Message-ID: <Pine.BSF.3.96.980521130704.29242A-100000@fledge.watson.org> In-Reply-To: <19980521181555.59333@deepo.prosa.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
>From a quick examination of kern/kern_lkm.c, it appears that if the securelevel > 0, changes to LKMs are not allowed (load, unload, etc). On Thu, 21 May 1998, Philippe Regnauld wrote: > Greg A. Woods writes: > > > Anyone who's read that article and has even the tiniest amount of > > imagination would *NEVER* run LKMs on a production machine. Sure > > BTW, is there a mechanism to disable loading of LKMs ? > (of course, removing the modload command is one way) -- I was > thinking about something that looked at the securelevel > and refused to load/unload a module depending on it. > > -- > -[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]- > «Pluto placed his bad dog at the entrance of Hades to keep the dead > IN and the living OUT! The archetypical corporate firewall?» > - S. Kelly Bootle > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe security" in the body of the message > Robert N Watson ---- Carnegie Mellon University http://www.cmu.edu/ Trusted Information Systems http://www.tis.com/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980521130704.29242A-100000>