I think perhaps we should separate the name spaces so that the
kernel never modprobes for an actual module file name. In other
words, there would only be three ways in which a module would
"automatically" be loaded:
(1) it exports an alias like "fs-ext3", for the level helper that
request_module calls (devfs could also use these aliases),
(2) it exports a device ID table for hotplug et al (probably
should not be the same name space as module "aliases" because
of device ID extensibility issues argued by David Brownell),
(3) it exports a symbol needed by some other module.
This would reduce the security attacks based on getting the
kernel to load arbitrary module names.
It would also be straightfoward to add a flaag to depmod to
ask it to detect any modules that export no aliases, device ID tables
or symbols (perhaps they could have flag that says "yes, I really only
want to be loaded manually").
Adam J. Richter __ ______________ 575 Oroville Road
adam@yggdrasil.com \ / Milpitas, California 95035
+1 408 309-6081 | g g d r a s i l United States of America
"Free Software For The Rest Of Us."
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/