| Subject: | Re: making the snoop device loadable. | |
|---|---|---|
| From: | Marius Bendiksen (mben...@eunet.no) | |
| Date: | Jul 9, 2000 4:45:37 pm | |
| List: | org.freebsd.freebsd-arch | |
> I think you missed my point. I'm not talking about hackers at all; if a hacker can load a module the game is already over. I'm talking about legit people with root who might do things behind the back of the person who compiled the kernel without snp in the first place.

This constitutes illegitimate use of superpowers, in my book. Clear such things with your coadmins in advance. If you cannot trust them to stick with your policy decisions, then they should not have root in the first place. And if you actually give them root, then you've really shot yourself in the foot, which Unix is supposed to do without asking any questions, provided you point the gun in that direction, and pull the trigger.

> If this change goes in, what do you do if you wish not to have snooping capable through the snp device and do not wish to lock unnecessary parts of the system down with securelevel?

You rewrite the securelevel code, or pay someone to do so. Or, as a very, very limited way of making it more work for the would-be snooper, you could remove the snoop module and sources. Not that it would be any work for them to get hold of it anyhow. And, as DCS stated, there are pre-made klds out there which would assist them better in this illegitimate use, anyhow.

Marius