If root is compromised, that's the only way bpf can be gotten to by
default. When root's compromised, if no bpf is available, the mem devices
can still be created (if not there) and network queues can be listened to.
And can't IFF_PROMISC be turned on too?
There's no good reason to not have bpf in at least the boot disk kernel.
Brian Fundakowski Feldman _ __ ___ ____ ___ ___ ___
[EMAIL PROTECTED] _ __ ___ | _ ) __| \
FreeBSD: The Power to Serve! _ __ | _ \._ \ |) |
http://www.FreeBSD.org/ _ |___/___/___/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
- So, back on the topic of enabling bpf in GENERIC... Jordan K. Hubbard
- Re: So, back on the topic of enabling bpf in GENERI... David E. Cross
- Re: So, back on the topic of enabling bpf in GE... Jordan K. Hubbard
- Re: So, back on the topic of enabling bpf in GENERI... Brian F. Feldman
- Re: So, back on the topic of enabling bpf in GE... Jordan K. Hubbard
- Re: So, back on the topic of enabling bpf i... Brian F. Feldman
- Re: So, back on the topic of enabling b... Brian F. Feldman
- Re: So, back on the topic of enabl... Matthew Dillon
- Re: So, back on the topic of e... Brian F. Feldman
- Re: So, back on the topic of e... Mike Smith
- Re: So, back on the topic ... Matthew Dillon
- Re: So, back on the topic of enabl... Warner Losh
- Re: So, back on the topic of e... Alfred Perlstein
- Re: So, back on the topic ... Warner Losh
