Thread (38 messages) 38 messages, 9 authors, 2017-05-05

Re: [kernel-hardening] Re: [PATCH v3 1/2] modules:capabilities: automatic module loading restriction

From: Djalal Harouni <hidden>
Date: 2017-04-20 20:39:27
Also in: linux-security-module, lkml 

On Thu, Apr 20, 2017 at 5:02 PM, Ben Hutchings [off-list ref] wrote:
On Thu, 2017-04-20 at 14:44 +0200, Djalal Harouni wrote:
quoted
quoted
On Thu, Apr 20, 2017 at 4:22 AM, Ben Hutchings [off-list ref] wrote:
On Thu, 2017-04-20 at 00:20 +0200, Djalal Harouni wrote:
[...]
[...]
quoted
modules_disabled is too restrictive and once set it can't be changed,
maybe that's why not all users use it.

With modules_disabled=0 and modules_autoload=2
[...]

Hmm, OK.  How about naming this modules_autoload_mode, then, so that
it's obviously not a boolean?
Yes that's fine by me, kees already suggested to rename it to
"modules_autoload" I can change it to that if it's the best
suggestion!

Thanks!

Ben.

--
Ben Hutchings
It is easier to change the specification to fit the program than vice
versa.


-- 
tixxdz
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help