Re: Kernel-loadable Root Kits

From: Laurent Fabre (fabre@matranet.com)
Date: 10/05/01


Date: Fri, 05 Oct 2001 11:44:40 +0200
From: Laurent Fabre <fabre@matranet.com>
To: Rasputin <rasputin@submonkey.net>

Rasputin wrote:
> * Eli Dart <dart@nersc.gov> [011004 19:30]:
>
>>In reply to "Crist J. Clark" <cristjc@earthlink.net> :
>>
>>[snip]
>>
>>
>>>Have fun. Unless there is outpouring from people who love the idea,
>>>I'm not going to commit these to FreeBSD.
>>>
>>Please consider this as part of an outpouring of support from people
>>who love the idea.
>>
>
> "me too".
>
> Isn't this fairly common among the other BSDs as well?
>
> An alternative to securelevel is sometimes useful,
> and KLDs are a fairly well-known attack method against *BSD.
>
> I don't see any harm in adding it as an option - it's doesn't have to
> (definitely shouldn't be) the default, of course.
>
>
>>I don't always have the option of running a box
>>in securelevel 1, and I would like to have this knob available, even
>>though it doesn't fix the problem all the way. Something similar
>>used to exist in FreeBSD 3.x -- I was sorry when it went away.
>>
>> --eli
>>
>
> --
> Rasputin :: Jack of All Trades - Master of Nuns ::
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
>

please do commit it :)

-- 
#--------------------------------------------#
#              Laurent Fabre                 #
#            fabre@matranet.com              #      /\    ASCII ribbon
#          EADS, Matranet Product Group      #      \/      campaign
#                                            #      /\	    against
# "foreach if-diff,                          #     /  \    HTML email
#  you need to re-make world...."            #
#--------------------------------------------#
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message