Re: Feature request

From: Greg KH (gregat_private)
Date: Mon Apr 16 2001 - 10:32:59 PDT

  • Next message: richard offer: "Re: GACI item list - to give some items for discussion"

    On Mon, Apr 16, 2001 at 10:30:44AM -0700, Titus D. Winters wrote:
    > Be bad: overwrite init_module in sys_call_table.  You can write a module
    > that'll do it.  I guess the trick is getting it to run regardless of what
    > people do to init.
    > 
    > But seriously, I would agree that a switch to turn off further
    > insertion of modules would be nice.  We have to make sure that our
    > generalized framework will allow for such.  Modules can be very powerful,
    > both for good and evil.
    
    This is all about policy, which this project is not about (it's about
    letting different people pick which policy they want.)
    
    No special hooks are needed to enable this feature if someone wants to
    implement it (besides the already specified init_module hook that we
    proposed.)
    
    thanks,
    
    greg k-h
    
    -- 
    greg@(kroah|wirex).com
    http://immunix.org/~greg
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 10:34:58 PDT