From owner-freebsd-advocacy  Fri Mar 24 10:35:10 2000
Delivered-To: freebsd-advocacy@freebsd.org
Received: from obie.softweyr.com (obie.softweyr.com [204.68.178.33])
	by hub.freebsd.org (Postfix) with ESMTP id 35ABB37BA55
	for <advocacy@FreeBSD.ORG>; Fri, 24 Mar 2000 10:35:06 -0800 (PST)
	(envelope-from wes@softweyr.com)
Received: from softweyr.com (Foolstrustidentd@obie.softweyr.com [204.68.178.33])
	by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id LAA15398;
	Fri, 24 Mar 2000 11:34:38 -0700 (MST)
	(envelope-from wes@softweyr.com)
Message-ID: <38DBB599.14C48CAC@softweyr.com>
Date: Fri, 24 Mar 2000 11:36:09 -0700
From: Wes Peters <wes@softweyr.com>
Organization: Softweyr LLC
X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 3.3-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Olaf Hoyer <ohoyer@fbwi.fh-wilhelmshaven.de>
Cc: advocacy@FreeBSD.ORG
Subject: Re: New article
References: <200003231326.IAA24776@blackhelicopters.org>
	 <38DA7A60.B7C23121@newsguy.com>
	 <38DA950C.D4DCE9CC@softweyr.com> <4.1.20000324022914.00cbed30@mail.rz.fh-wilhelmshaven.de>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-advocacy@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Olaf Hoyer wrote:
> 
> >> > Legacy hardware will still need to be hand configured (though not
> >> > necessarily built in the kernel), and some kernel options are probably
> >> > unavoidable.
> >>
> >> But could potentially be configured through a loader script, rather
> >> than compiled into the kernel.
> 
> Hi!
> 
> Question: Is a loadable kernel module not a potential security risk?
> 
> I mean, if some module (which runs on a deeper, priviliged mode) has some
> malicous code in it, or simply is buggy, and is loaded during runtime, it
> could cause a box to simply crash.
> 
> Imagine some attacker exchanging some kernel module against own code, and
> causing that module to be loaded (say, some driver for access to certain
> filesystems, or zip drive etc...), or waiting for the module to be loaded
> (say, for regular, scheduled activities like backups or batch jobs or so)
> 
> Wouldn't it be safer, from a technical point of  view, to allow as less
> than possible kernel modules, thus enhancing stability and uptime?

No.  If you allow somebody to overwrite your modules, what's to keep
them from overwriting your kernel?

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-advocacy" in the body of the message