Date: Fri, 24 Mar 2000 11:36:09 -0700 From: Wes Peters <wes@softweyr.com> To: Olaf Hoyer <ohoyer@fbwi.fh-wilhelmshaven.de> Cc: advocacy@FreeBSD.ORG Subject: Re: New article Message-ID: <38DBB599.14C48CAC@softweyr.com> References: <200003231326.IAA24776@blackhelicopters.org> <38DA7A60.B7C23121@newsguy.com> <38DA950C.D4DCE9CC@softweyr.com> <4.1.20000324022914.00cbed30@mail.rz.fh-wilhelmshaven.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Olaf Hoyer wrote:
>
> >> > Legacy hardware will still need to be hand configured (though not
> >> > necessarily built in the kernel), and some kernel options are probably
> >> > unavoidable.
> >>
> >> But could potentially be configured through a loader script, rather
> >> than compiled into the kernel.
>
> Hi!
>
> Question: Is a loadable kernel module not a potential security risk?
>
> I mean, if some module (which runs on a deeper, priviliged mode) has some
> malicous code in it, or simply is buggy, and is loaded during runtime, it
> could cause a box to simply crash.
>
> Imagine some attacker exchanging some kernel module against own code, and
> causing that module to be loaded (say, some driver for access to certain
> filesystems, or zip drive etc...), or waiting for the module to be loaded
> (say, for regular, scheduled activities like backups or batch jobs or so)
>
> Wouldn't it be safer, from a technical point of view, to allow as less
> than possible kernel modules, thus enhancing stability and uptime?
No. If you allow somebody to overwrite your modules, what's to keep
them from overwriting your kernel?
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
wes@softweyr.com http://softweyr.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-advocacy" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38DBB599.14C48CAC>