On Fri, Oct 25, 2002 at 07:20:33PM -0700, Brooks Davis wrote: > On Fri, Oct 25, 2002 at 07:05:57PM -0700, Terry Lambert wrote: > > Depending on the value of "sysctl kern.module_path", if the "if_ppp" > > module does not exist, and one of the path components is writeable, > > then this would permit you to abuse the pppd to load arbitrary modules > > into the kernel. > > > > So I understand Bakul's complaint. > > > > But by the same token, "mount" and "ifconfig" have the same problems; > > on the other hand, unlike pppd, they are not suid root. > > Note the getuid() check to prevent exactly this problem. If you want to > keep root from loading modules, that's a kernel problem.
Oops, wrong problem. If this one exists, it's a bug in kldload. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
msg45357/pgp00000.pgp
Description: PGP signature
