From: Chris Adams <cmadams@hiwaay.net>
To: linux-kernel@vger.kernel.org
Subject: Re: Hardwired drivers are going away?
Date: Mon, 14 Jan 2002 16:22:30 -0600 [thread overview]
Message-ID: <20020114222230.GA16490@HiWAAY.net> (raw)
In-Reply-To: <fa.g055bvv.qmq0hk@ifi.uio.no>
In-Reply-To: <ksahkuv.tg60gl@ifi.uio.no>
In article <fa.ksahkuv.tg60gl@ifi.uio.no>, David Lang wrote:
>I can see a couple reasons for building a kernel without useing modules.
>
>1. security, if you don't need any modules you can disable modules entirly
>and then it's impossible to add a module without patching the kernel first
>(the module load system calls aren't there)
There is no security gain from disabling module loading. If someone has
the level of access needed to load modules, they also have access to
/dev/mem. Run-time patching of the kernel is something that can be done
(and probably is done by some rootkits). For bonus points, patch in the
system call(s) required by insmod and voila: module loading now works
(instead of having to patch all your rootkit code into the running
kernel, patch in insmod and let the kernel load the code for you).
--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
next parent reply other threads:[~2002-01-14 22:23 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <fa.g055bvv.qmq0hk@ifi.uio.no>
[not found] ` <ksahkuv.tg60gl@ifi.uio.no>
2002-01-14 22:22 ` Chris Adams [this message]
[not found] <20020115025840.11509.qmail@science.horizon.com.suse.lists.linux.kernel>
2002-01-15 12:16 ` Hardwired drivers are going away? Andi Kleen
2002-01-15 2:58 peter
2002-01-15 12:44 ` Alan Cox
2002-01-15 12:39 ` David S. Miller
2002-01-15 18:39 ` Rob Landley
[not found] <mailman.1011034621.1626.linux-kernel2news@redhat.com>
2002-01-14 23:33 ` Pete Zaitcev
-- strict thread matches above, loose matches on Subject: below --
2002-01-14 17:55 ISA hardware discovery -- the elegant solution Mr. James W. Laferriere
2002-01-14 18:08 ` Alan Cox
2002-01-14 18:10 ` Hardwired drivers are going away? Eric S. Raymond
2002-01-14 18:50 ` David Lang
2002-01-14 19:04 ` Alan Cox
2002-01-14 18:57 ` David Lang
2002-01-14 19:03 ` Andrew Pimlott
2002-01-14 19:21 ` Alan Cox
2002-01-15 10:45 ` Horst von Brand
2002-01-15 11:13 ` crispin
2002-01-15 14:25 ` David Lang
2002-01-14 19:00 ` Mr. James W. Laferriere
2002-01-14 19:17 ` Alan Cox
2002-01-14 19:14 ` Mr. James W. Laferriere
2002-01-14 19:37 ` Alan Cox
2002-01-14 20:28 ` Mr. James W. Laferriere
2002-01-14 19:44 ` David Lang
2002-01-14 20:09 ` Alexander Viro
2002-01-14 20:49 ` Chris Friesen
2002-01-14 20:55 ` Alexander Viro
2002-01-14 20:51 ` Ian Molton
2002-01-14 22:11 ` David Lang
2002-01-14 23:12 ` Brian Gerst
2002-01-14 23:17 ` David Lang
2002-01-14 23:22 ` Ian Molton
2002-01-15 0:40 ` H. Peter Anvin
2002-01-14 19:54 ` David Lang
2002-01-15 17:27 ` Aaron Lehmann
2002-01-15 17:47 ` Alexander Viro
2002-01-15 19:48 ` Alan Cox
2002-01-18 12:39 ` Florian Weimer
2002-01-18 22:20 ` Mr. James W. Laferriere
2002-01-18 23:22 ` Keith Owens
2002-01-20 23:20 ` Frank van de Pol
2002-01-21 0:54 ` Bruce Harada
2002-01-21 3:49 ` Andreas Ferber
2002-01-21 4:45 ` Bruce Harada
2002-01-21 5:12 ` Andreas Ferber
2002-01-21 1:06 ` Anton Altaparmakov
2002-01-21 1:07 ` Mr. James W. Laferriere
2002-01-21 1:30 ` Andrew Morton
2002-01-21 1:53 ` Keith Owens
2002-01-21 2:04 ` Andrew Morton
2002-01-21 2:25 ` Keith Owens
2002-01-21 2:56 ` Andrew Morton
2002-01-21 3:43 ` Keith Owens
2002-01-21 4:24 ` Andrew Morton
2002-01-21 3:44 ` yodaiken
2002-01-21 20:57 ` Kai Henningsen
2002-01-21 2:13 ` John Levon
2002-01-21 2:31 ` Keith Owens
2002-01-21 23:52 ` Thomas Zimmerman
2002-01-21 9:34 ` Horst von Brand
2002-01-21 14:29 ` John Levon
2002-01-21 1:31 ` Anton Altaparmakov
2002-01-14 19:27 ` Alexander Viro
2002-01-15 17:24 ` Aaron Lehmann
2002-01-15 18:17 ` David Lang
2002-01-15 19:25 ` Aaron Lehmann
2002-01-15 19:44 ` Kai Henningsen
2002-01-14 18:54 ` Mr. James W. Laferriere
2002-01-14 18:56 ` Alan Cox
2002-01-14 18:39 ` Eric S. Raymond
2002-01-14 19:09 ` Alexander Viro
2002-01-14 14:19 ` Rob Landley
2002-01-14 22:33 ` Greg KH
2002-01-15 11:35 ` Keith Owens
2002-01-15 15:34 ` Oliver Xymoron
2002-01-14 19:24 ` Alan Cox
2002-01-14 20:17 ` Eric S. Raymond
2002-01-14 14:57 ` Rob Landley
2002-01-14 20:51 ` David Lang
2002-01-14 22:18 ` Oliver Xymoron
2002-01-15 19:20 ` Horst von Brand
2002-01-16 9:00 ` Eric S. Raymond
2002-01-14 23:12 ` Rusty Russell
2002-02-09 0:19 ` Dr. Kelsey Hudson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020114222230.GA16490@HiWAAY.net \
--to=cmadams@hiwaay.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox