Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Mon, 29 Apr 2002 11:03:04 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Mon, 29 Apr 2002 11:03:03 -0400 Received: from mole.bio.cam.ac.uk ([131.111.36.9]:28176 "EHLO mole.bio.cam.ac.uk") by vger.kernel.org with ESMTP id ; Mon, 29 Apr 2002 11:03:03 -0400 Message-Id: <5.1.0.14.2.20020429154159.04a13d80@pop.cus.cam.ac.uk> X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Mon, 29 Apr 2002 16:03:18 +0100 To: Rolf Fokkens From: Anton Altaparmakov Subject: Re: [PATCH] module locking Cc: "Thomas 'Dent' Mirlacher" , linux-kernel@vger.kernel.org In-Reply-To: <200204291430.g3TEUiV02444@fokkensr.vertis.nl> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org At 08:30 29/04/02, Rolf Fokkens wrote: >On Monday 29 April 2002 09:23, Thomas 'Dent' Mirlacher wrote: > > the capable call is sthell there, but with the module_lock > > kind or redundant. > >once set module_lock cannot be cleared, not even by root. This differs from >the CAP_SYS_MODULE which can be activated by root, if I'm correct. > >module_lock is only a suggestion, w/o /dev/kmem write locking or even >locking writes on other /dev/.. or doing mounts it won't be full proof. *sigh* RTFM man 2 sysctl With your patch applied AND module_lock set to 1, anyone with sufficient privileges could still do: #include #include #include _syscall1(int, _sysctl, struct __sysctl_args *, args); #define SIZE(x) sizeof(x)/sizeof(x[0]) int main(void) { int name[] = { CTL_KERN, KERN_MODPROBE }; int hack = 0; struct __sysctl_args args = { name, SIZE(name), 0, 0, &hack, sizeof(hack) }; if (_sysctl(&args)) { perror("sysctl failed"); exit(1); } printf("module_lock has been zeroed! Muahaha!"); return 0; } Good bye module_lock! /me waves What was that about not being able to zero it again...? Best regards, Anton -- "I've not lost my mind. It's backed up on tape somewhere." - Unknown -- Anton Altaparmakov (replace at with @) Linux NTFS Maintainer / IRC: #ntfs on irc.openprojects.net WWW: http://linux-ntfs.sf.net/ & http://www-stu.christs.cam.ac.uk/~aia21/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/