av said:
In the more recent versions of 'BSD based operating systems based on
4.4-Lite, with the kernel security level stuff, I believe it is not
possible to load a kernel module after it has left single user mode.
Does anyone know of a hack to SunOS which affords the same kind of
`protection' ? Of course, /dev/kmem & /dev/mem would need to become
read-only devices too...
for a sunos kernel, this option allowed loadable modules:
options VDDRV # loadable modules
so you could turn then right off if you wanted to.
4.4bsd and 4.4bsd-lite do not have loadable modules. you're confusing
terry lamberts lkm's that are used in both netbsd and freebsd with
something that doesn't exist.
and yes, with securelevel > 0, lkm's are not allowed (they can still be
loaded from rc.local as the securelevel is not changed until this has
finished executing at boot time).
obbug: erm...um... chmod go-w /etc/aliases.*
.mrg.
--
matthew green consultant the fulcrum consulting group
mrg @
fulcrum .
com .
au /\ 12/10-16 queen st
voice: +61 3 621 2100 perl melbourne vic 3000 sun
fax: +61 3 621 2724 netbsd australia /\
References:
|
|
