Date: Wed, 8 May 2002 11:05:36 -0700 From: Brooks Davis <brooks@one-eyed-alien.net> To: Miguel Mendez <flynn@energyhq.homeip.net> Cc: hackers@FreeBSD.ORG Subject: Re: extra sanity check in modules Message-ID: <20020508110535.A4025@Odin.AC.HMC.Edu> In-Reply-To: <20020508171635.A50078@energyhq.homeip.net>; from flynn@energyhq.homeip.net on Wed, May 08, 2002 at 05:16:35PM %2B0200 References: <20020508171635.A50078@energyhq.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--pWyiEgJYm5f9v55/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, May 08, 2002 at 05:16:35PM +0200, Miguel Mendez wrote: > I've been thinking of adding an extra check in kldload. My idea is to hav= e=20 > an md5 sum per module, so for foo.ko we'd have foo.ko.md5. At load time > the md5 is checked, if it doesn't test ok the module is not loaded. The > md5 files could chflagged as inmutable for extra security. Is it worth > having this or just a silly idea? I might start hacking on my DP1 box on > this thing later. IMO, this is a silly idea, expecialy on a development version of the OS. I always hated the schg flag on the kernel and I'm glad it's gone in current. I'd oppose adding that sort of foolishness to the modules. It would make development of modules unnecessicairly painful. Additional, I don't see any way this would prevent the loading of unauthorized kernel modules since you could just create checksums for them. A better approach would probably be an integrity based MAC solution which could refuse to load any module which arrived via an untrusted medium (the network for example) or where created from sources which did the same. If I understand the TrustedBSD work, this may well be possiable soon. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --pWyiEgJYm5f9v55/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE82WjsXY6L6fI4GtQRAsjIAJ46bkhbOJmhQ0CjZTrGXxzU4cApAQCg6G84 SEC4RoliOAvkW1gRJC7Uqxg= =+5hN -----END PGP SIGNATURE----- --pWyiEgJYm5f9v55/-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020508110535.A4025>