"Richard L. Hamilton" <[EMAIL PROTECTED]> wrote:
> Is there a way to disallow further kernel module load/unload operations
> (including automatic
> loading of modules) pending (a) reboot (for security too), or in a less dire
> form (b) pending
> an explicit unlock request? (not sure the latter is actually needed)
>
> While this could function like part of BSD securelevels I suppose (at least
> one other
> minimal part being disabling writes to /dev/*mem), my main interest is if
> that would make it possible to install more kernel and driver patches safely
> in multi-user mode,
> without having to worry about an inconsistent set of modules getting loaded
> prior to reboot.
I tought that the way Solaris goes is to only allow to load signed modules.
Jörg
--
EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin
[EMAIL PROTECTED] (uni)
[EMAIL PROTECTED] (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily
_______________________________________________
opensolaris-code mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/opensolaris-code
