I'm not sure what the point of this would really be..nor how you could
enforce it. Perhaps you should submit a proof of concept ;-)


On Fri, Jan 12, 2001 at 11:15:09AM -0600, Jason Smethers wrote:
> Has anyone put any thought into putting restrictions on what a module
> can modify when loaded into the kernel? If there is, say, ever binary
> third party driver support and this is provided without source some
> restrictions on what kernel data this module can link to and modify
> when loaded might be a good idea.
> I was thinking something along the lines of a list of symbols that a
> kernel module may call, and a list of symbols that a kernel module may
> modify. Allowing the update of these lists may be a little tricky to
> prevent already load modules from detecting this and adding their own
> symbols.
> Doing this with module types might be simple. When a module is loaded
> it would contain flags to the module type(s) it is uses and this
> selects the list of symbols it may interact with. A module may be then
> be used to update these symbols but root is warned and must OK a load
> of a kernel module with the type which allows updating the symbol
> lists.
> With the module types it would also help prevent a module from messing
> around in an area that is not expected from such a module. e.g. a
> network driver messing around in the VFS.
> Any thoughts?
> - Jason
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-current" in the body of the message

PGP signature

Reply via email to