* frm offerat_private "10/18/2001 05:28:29 PM -0700" | sed '1,$s/^/* /' * * * ** frm chrisat_private "10/16/2001 07:34:42 PM -0700" | sed '1,$s/^/* /' ** ** **> ===== kernel/module.c 1.16 vs edited ===== **> @@ -357,8 +357,6 @@ **> unsigned long mod_user_size; **> struct module_ref *dep; **> **> - if (!capable(CAP_SYS_MODULE)) **> - return -EPERM; **> lock_kernel(); **> if ((namelen = get_mod_name(name_user, &name)) < 0) { **> error = namelen; ** ** am i missing something here? did you just delete the CAP_SYS_MODULE ** check? this surely isn't right! * * Opps, you're right. The intention was to move the capable call nearer the * hook, but that is so far into the function that it might be better to move * the hook further forward (to limit grottiness), simmilar to how * create_module is handled... * As Lachlan pointed out in private email this means that the hook will now be called before the module has been validated. The question is "is this important ?". Will the fact that mod->init is out of bounds impact any reasonable poliy ? The name of the module will be available, is that enough on which to base a security policy decision ? richard. -- ----------------------------------------------------------------------- Richard Offer Technical Lead, Trust Technology, SGI "Specialization is for insects" ___________________________________________On sabatical Nov 8 -> Nov 30 _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Oct 19 2001 - 08:41:30 PDT