Re: 'sign' modules? was: RE: 'lock' modules?

From: Olaf Titz (olaf@bigred.inka.de)
Date: Wed Jun 07 2000 - 17:24:11 EST

Next message: Jeff V. Merkey: "Re: how about SPX ?"
Previous message: Bartlomiej Zolnierkiewicz: "Re: ATA linux-2.2.16 patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> So you must implement signature checking into the kernel code. If does
> not match, kernel would return from syscall with error value and drop
> the module. I've already started to write this thing (on module related

Does not help. You can patch the check out of the kernel before
loading the module via /dev/mem if you have root and the system
doesn't run under securelevel. If it does run under securelevel,
loading modules would be an inappropriate action anyway.

Olaf

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jeff V. Merkey: "Re: how about SPX ?"
Previous message: Bartlomiej Zolnierkiewicz: "Re: ATA linux-2.2.16 patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Jun 15 2000 - 21:00:15 EST