Re: A required change? Re: [linux-security] Re: kerneld and module security
> On Mon, 29 Sep 1997 15:05:20 -0400 (EDT), Patrick Cantwell wrote:
> Seems like a serious hole to me. I just changed the permissions on my box, and
> think it warrants Debian to change policy regarding permissions and modules.
> >#5 make /usr/lib/modules root read/write only
I believe there was no advantage to this solution.
> >> Corollary: Any module in /lib/modules can be loaded into kernel memory by
> >> any user at any time. There are potential denial-of-service attacks
> >> from autoprobes and device initialization all kinds of other goo that
> >> I wish I didn't have to think about here.
The above is true, because the process insmod-ing the module is setuid.
So, whatever permissions /lib/modules have, that hole isn't affected
by them. (As reported in later messages in linux-security).
Also, the security hole wasn't all that big, as all that was possible
was denial of service attacks: most systems don't have /lib/modules
world-writable, so users cannot add that "setuid wrapper module"
mentioned, and thus cannot insert it at will.
joost witteveen, email@example.com
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
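
The message above rests on the module tree not being writable by ordinary users. The following added example (not part of the original post) audits a directory such as /lib/modules for that condition; the function names and the sample tree, including its `2.0.30` directory, are constructed for illustration, and the group-writable and ownership checks go beyond what the message states.

```shell
#!/bin/sh
# Added example: audit a module tree for entries a non-root user could alter.

# audit_module_tree DIR [OWNER_UID]   (hypothetical helper name)
#   Prints one finding per line.
#   Returns 0 if clean, 1 if there are findings, 2 if DIR is not a directory.
audit_module_tree() {
    root=$1
    owner=${2:-0}   # assumption: modules should belong to root (uid 0)
    [ -d "$root" ] || { echo "error: $root is not a directory" >&2; return 2; }
    findings=$(
        # Symlinks are skipped for the mode checks: their mode bits are not enforced.
        find "$root" ! -type l -perm -0002 -print | sed 's/^/world-writable: /'
        find "$root" ! -type l -perm -0020 ! -perm -0002 -print | sed 's/^/group-writable: /'
        # Anything not owned by the expected uid can be rewritten by its owner.
        find "$root" ! -user "$owner" -print | sed 's/^/unexpected-owner: /'
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# make_demo_tree: builds a constructed tree (empty files, not real modules)
# and prints its path. One file is deliberately left world-writable.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/2.0.30/misc"
    : > "$d/2.0.30/misc/good.o"
    : > "$d/2.0.30/misc/planted.o"
    chmod -R go-w "$d"                      # normalise regardless of umask
    chmod 666 "$d/2.0.30/misc/planted.o"    # the misconfiguration to detect
    echo "$d"
}

# Demo run against the constructed tree, owned by the current user.
demo=$(make_demo_tree)
audit_module_tree "$demo" "$(id -u)" || echo "exit status: $?"
rm -rf "$demo"
```

On a real system the call would be `audit_module_tree /lib/modules`, which defaults the expected owner to uid 0.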