loadable modules (was: Re: Hijacking tool)

[mrg () fulcrum com au (matthew green)]

av said:
   In the more recent versions of 'BSD based operating systems based on
   4.4-Lite, with the kernel security level stuff, I believe it is not
   possible to load a kernel module after it has left single user mode.
   Does anyone know of a hack to SunOS which affords the same kind of
   `protection' ?  Of course, /dev/kmem & /dev/mem would need to become
   read-only devices too...

for a sunos kernel, this option allowed loadable modules:

options VDDRV           # loadable modules

so you could turn then right off if you wanted to.

4.4bsd and 4.4bsd-lite do not have loadable modules.  you're confusing
terry lamberts lkm's that are used in both netbsd and freebsd with
something that doesn't exist.

and yes, with securelevel > 0, lkm's are not allowed (they can still be
loaded from rc.local as the securelevel is not changed until this has
finished executing at boot time).

obbug: erm...um...  chmod go-w /etc/aliases.*

.mrg.

-- 
matthew green        consultant          the fulcrum consulting group
mrg () fulcrum com au                /\     12/10-16 queen st
voice: +61 3 621 2100   perl             melbourne vic 3000       sun
  fax: +61 3 621 2724           netbsd   australia            /\