RE: Kernel-loadable Root Kits

From: Deepak Jain (deepak@ai.net)
Date: 10/05/01


From: "Deepak Jain" <deepak@ai.net>
To: <cjclark@alum.mit.edu>, "Peter Chiu" <pccb@yahoo.com>
Date: Fri, 5 Oct 2001 16:24:44 -0400


Thanks Crist,

        This is a significant kiddie protection item and I for one would like to
see it committed to future FreeBSD releases. [in case the patch stops
working on a future code rev].

Deepak

-----Original Message-----
From: Crist J. Clark [mailto:cristjc@earthlink.net]
Sent: Friday, October 05, 2001 2:21 AM
To: Peter Chiu
Cc: D J Hawkey Jr; cjclark@alum.mit.edu; Alexander Langer;
deepak@ai.net; freebsd-security@FreeBSD.ORG
Subject: Re: Kernel-loadable Root Kits

On Thu, Oct 04, 2001 at 07:02:51PM -0400, Peter Chiu wrote:
> Hello Crist,
>
> I love this idea. However, how does it affect vinum?
>
> Extracted from LINT
> # Configuring Vinum into the kernel is not necessary, since the kld
> # module gets started automatically when vinum(8) starts. This
> # device is also untested. Use at your own risk.
> #

I like I said, this will prevent you from loading KLDs. (period)

--
Crist J. Clark                           cjclark@alum.mit.edu
                                         cjclark@jhu.edu
                                         cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message