Re: Fw: signed kernel modules?

From: Roman Zippel
Date: Thu Oct 14 2004 - 18:10:10 EST

Next message: Russell King: "Re: __attribute__((unused))"
Previous message: Adam Heath: "Re: [patch] Real-Time Preemption, -VP-2.6.9-rc4-mm1-U1"
In reply to: Roman Zippel: "Re: Fw: signed kernel modules?"
Next in thread: David Howells: "Re: Fw: signed kernel modules?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Thu, 14 Oct 2004, David Woodhouse wrote:

> Partly to protect against accidentally-corrupted modules causing damage.
> Partly to allow a sysadmin (or more likely an IT department) to enforce
> a policy that only known and approved modules shall be loaded onto
> machines which they're expected to support. Partly to allow other
> support providers to do likewise, or at least to _detect_ the fact that
> unsupported modules are loaded.

This really doesn't answer why it has to be done in the kernel. As is it
doesn't protect against anything and doing it in user space is as
effective.

bye, Roman
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Russell King: "Re: __attribute__((unused))"
Previous message: Adam Heath: "Re: [patch] Real-Time Preemption, -VP-2.6.9-rc4-mm1-U1"
In reply to: Roman Zippel: "Re: Fw: signed kernel modules?"
Next in thread: David Howells: "Re: Fw: signed kernel modules?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]