[1632] in linux-security and linux-alert archive
[linux-security] Re: kerneld and module security
daemon@ATHENA.MIT.EDU (Zygo Blaxell)
Wed Oct 1 03:25:36 1997
From: Zygo Blaxell <zblaxell@fiction.org>
To: ccscon66@ccs.carleton.ca (Chris Gorman)
Date: Tue, 30 Sep 1997 14:36:51 -0400 (EDT)
Cc: linux-security@redhat.com
In-Reply-To: <Pine.SOL.3.96.970930134428.1123D-100000@rideau> from "Chris Gorman" at Sep 30, 97 01:47:36 pm
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
Quoted from Chris Gorman:
> If the keyword exists currently or needs to be implemented?
> If it exists currently what is it?
A number of people have asked me this, so I'll cc back to linux-security.
As far as I know there is no such keyword; it would have to be implemented
and added to the modules.conf _syntax_. (I didn't think I was that
unclear; if I knew of such a keyword I would probably have mentioned it
by name, eh? ;-)
Someone with more time than I have will have to implement fix #1
(smarter modprobe). I'd recommend implementing something like a "permit"
keyword, which would be followed by a space-separated list of permitted
module names. Multiple 'permit' keywords should be cumulative; there
are lots of harmless modules and some of them are critical too. This
would be interpreted by modprobe when kerneld calls it to load the module.
modprobe's algorithm would be: if at least one 'permit' keyword is
present in /etc/modules.conf, only attempt to load a module if it is
listed on a 'permit' line.
After reading the sources a bit I noticed that you can also alias all
of the modules that will cause problems when loaded to 'off'; however
this means you need to keep a black list of bad modules instead of a
white list of good ones.
Yet another way to implement this would be to go after 'depmod'
and restrict what ends up in /lib/modules/*/modules.dep. The only
accepted values for modprobe as it stands must be aliases defined in
depmod/config.c or /etc/modules.conf, or modules listed in modules.dep.
modules.dep could be trimmed, either by using an external post-processing
utility, or by modifying depmod itself, before users get a chance to
interact with kerneld.
--
Microsoft Magic Line, The: n; the curve on a price-performance chart defined by
the set of current shipping MS products. New MS products shift the MML upward.
Competitive products that fall below the MML become unmarketable and disappear.
Hence, Microsoft is always the worst marketable solution for any real problem.
--
----------------------------------------------------------------------
Please refere to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null