39 messages in org.freebsd.freebsd-archRe: making the snoop device loadable.| From | Sent On | Attachments |
|---|---|---|
| Alfred Perlstein | Jul 9, 2000 12:04 am | |
| Adam | Jul 9, 2000 1:19 am | |
| Alfred Perlstein | Jul 9, 2000 3:33 am | |
| Adam | Jul 9, 2000 6:25 am | |
| Daniel C. Sobral | Jul 9, 2000 6:52 am | |
| Boris Popov | Jul 9, 2000 7:20 am | |
| Adam | Jul 9, 2000 10:45 am | |
| Poul-Henning Kamp | Jul 9, 2000 10:49 am | |
| Wilko Bulte | Jul 9, 2000 10:59 am | |
| Adam | Jul 9, 2000 11:12 am | |
| Poul-Henning Kamp | Jul 9, 2000 11:16 am | |
| Adam | Jul 9, 2000 11:56 am | |
| Alfred Perlstein | Jul 9, 2000 12:06 pm | |
| Adam | Jul 9, 2000 12:35 pm | |
| Alfred Perlstein | Jul 9, 2000 1:13 pm | |
| Adam | Jul 9, 2000 1:19 pm | |
| John Baldwin | Jul 9, 2000 1:24 pm | |
| Adam | Jul 9, 2000 1:25 pm | |
| Adam | Jul 9, 2000 1:30 pm | |
| John Baldwin | Jul 9, 2000 1:34 pm | |
| Adam | Jul 9, 2000 2:56 pm | |
| John Baldwin | Jul 9, 2000 3:08 pm | |
| Doug Barton | Jul 9, 2000 4:39 pm | |
| Marius Bendiksen | Jul 9, 2000 4:40 pm | |
| Marius Bendiksen | Jul 9, 2000 4:45 pm | |
| Marius Bendiksen | Jul 9, 2000 4:47 pm | |
| Marius Bendiksen | Jul 9, 2000 4:53 pm | |
| Alfred Perlstein | Jul 9, 2000 4:56 pm | |
| Jeroen C. van Gelderen | Jul 9, 2000 5:36 pm | |
| Jeroen C. van Gelderen | Jul 9, 2000 5:38 pm | |
| Jeroen C. van Gelderen | Jul 9, 2000 5:44 pm | |
| Alfred Perlstein | Jul 9, 2000 6:02 pm | |
| Mike Smith | Jul 9, 2000 8:27 pm | |
| Mike Smith | Jul 9, 2000 8:35 pm | |
| Adam | Jul 9, 2000 9:06 pm | |
| Dag-Erling Smorgrav | Jul 10, 2000 12:08 am | |
| Peter Wemm | Jul 10, 2000 1:01 am | |
| Andrzej Bialecki | Jul 10, 2000 3:36 am | |
| Bruce Evans | Jul 10, 2000 4:48 am |
| Subject: | Re: making the snoop device loadable. | |
|---|---|---|
| From: | Alfred Perlstein (bri...@wintelcom.net) | |
| Date: | Jul 9, 2000 6:02:05 pm | |
| List: | org.freebsd.freebsd-arch | |
* Jeroen C. van Gelderen <jer...@vangelderen.org> [000709 17:45] wrote:
Marius Bendiksen wrote:
Why did it exist from FreeBSD-WhoKnowsWhen until 1999? I'd like to use X
As I recall, this had something to do with shrinking the kernel for PicoBSD, amongst other things.
why NO_LKM is bad but couldn't find anything. Could you help me find a discussion on it or tell me why disabling kernel modules is *not* security? Assuming I'd notice a reboot and would consequently whup some butt if someone did.
Thing is; disabling kernel modules will avail you little, as an illegitimate user can still use the memory devices to access physical memory, and thus binary patch a live kernel. This is hard, but it can, and has been done.
Sure. But that may not be in one's threat model. Sure, a NO_KLD could be worked around in theory but maybe not in practice; Which means it can be very useful albeit maybe not for you.
It's not very useful, the second some weenie posts his canned "load a kld on freebsd even with NO_KLD" 'sploit', it'll all be over in a most embarrasing way, all admins foolishly relying on such 'protection' will have to scramble to fix things properly.
Here's it in a nutshell, it was less than trivial to get the snoop device loadable. Right now there is no 'NO_KLD' switch.
Raise secure level or don't give out root.
-- -Alfred Perlstein - [bri...@wintelcom.net|alf...@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk."
To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message