Re: [PATCH] power: disable hibernation if module loading isdisabled

From: david
Date: Sun Mar 06 2011 - 14:38:04 EST

Next message: Hugh Dickins: "Re: [PATCH 2/4] slub,rcu: don't assume the size of struct rcu_head"
Previous message: Martin Steigerwald: "Re: [regression] 2.6.37-post-rc7 with radeon kms: reproducably locks up hard when using desktop cube of kwin"
In reply to: Vasiliy Kulikov: "Re: [Security] [PATCH] power: disable hibernation if moduleloading is disabled"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 4 Mar 2011, Vasiliy Kulikov wrote:

If /proc/sys/kernel/modules_disabled is set to 1, then nobody (even full
root) may not read/write arbitrary kernel memory. In spite of it,
hibernation allows anyone with an access to either /dev/snapshot or
/sys/power/ make the full snapshot of the system. This snapshot may be
freely changed and uploaded back.

given that the user can boot a different OS entirely and modify the stored image, I don't see how this can work, even conceptually.

and tieing anything modules related to hibernation is just wrong, you are mixing completely different concepts (even if the implementation happens to be similar)

David Lang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Hugh Dickins: "Re: [PATCH 2/4] slub,rcu: don't assume the size of struct rcu_head"
Previous message: Martin Steigerwald: "Re: [regression] 2.6.37-post-rc7 with radeon kms: reproducably locks up hard when using desktop cube of kwin"
In reply to: Vasiliy Kulikov: "Re: [Security] [PATCH] power: disable hibernation if moduleloading is disabled"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]