Re: Security: auto-loading protocol modules
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 19/11/2010 03:08, Ben Hutchings wrote:
> On Thu, 2010-11-18 at 03:33 +0000, Ben Hutchings wrote:
>> Unlike device or filesystem modules, most protocol modules may be auto-
>> loaded on behalf of local users without any special capabilities. This
>> means that security vulnerabilities in such protocol modules may be
>> exploitable by local users even on a system where there is no need for
>> the protocol.
>>
>> Protocol modules are requested via module aliases generated from the
>> protocol-family, protocol and type numbers passed to socket().
>> Administrators can of course blacklist the modules or disable their
>> aliases, but there is an ever-growing list of protocols. There has been
>> some discussion upstream of providing a means to disable or restrict
>> this auto-loading altogether, but this is currently unresolved.
> [...]
>
> It looks like DECnet is not in great shape w.r.t security and is not at
> all widely used. You appear to be maintaining both kernel (upstream)
> and userland (in Debian). What do you think of moving the module alias
> into dnet-common, so systems without that package are not vulnerable to
> security flaws in the decnet module?
>
Hiya,
The Debian DECnet package already modprobes the decnet module in the
init script (it avoids some potential auto-loading race conditions), so
disabling auto-load will be fine.
For info, the kernel module is unmaintained upstream - I orphaned it
some time ago as I have neither the time nor expertise to handle it (and
never did, to be quite honest).
Chrissie
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iD8DBQFM5pTPhej7/PCycRMRAkCaAJ0QrI45Em21Ei377xuji14ItVusxQCgpSOx
td8bFgVexFnfCC/eXnf04CY=
=L0c9
-----END PGP SIGNATURE-----
Reply to: