Date:      Mon, 10 Jul 2000 01:45:59 +0200 (CEST)
From:      Marius Bendiksen <mbendiks@eunet.no>
To:        Adam <bsdx@looksharp.net>
Cc:        "Daniel C. Sobral" <dcs@newsguy.com>, Alfred Perlstein <bright@wintelcom.net>, arch@FreeBSD.ORG
Subject:   Re: making the snoop device loadable.
Message-ID:  <Pine.BSF.4.05.10007100142160.88568-100000@login-1.eunet.no>
In-Reply-To: <Pine.BSF.4.21.0007091330090.407-100000@turtle.looksharp.net>

> I think you missed my point.  I'm not talking about hackers at all; if a
> hacker can load a module the game is already over.  I'm talking about
> legit people with root who might do things behind the back of the person
> who compiled the kernel without snp in the first place.  

This constitutes illegitimate use of superpowers, in my book. Clear such
things with your coadmins in advance. If you cannot trust them to stick
with your policy decisions, then they should not have root in the first
place. And if you actually give them root, then you've really shot
yourself in the foot, which Unix is supposed to do without asking any
questions, provided you point the gun in that direction, and pull the
trigger.

> If this change goes in, what do you do if you wish not to have snooping
> capable through the snp device and do not wish to lock unnecessary parts
> of the system down with securelevel?

You rewrite the securelevel code, or pay someone to do so.
Or, as a very, very limited way of making it more work for the would-be
snooper, you could remove the snoop module and sources. Not that it would
be any work for them to get hold of it anyhow. And, as DCS stated, there
are pre-made klds out there which would assist them better in this
illegitimate use, anyhow.

Marius


