Re: customization of Darwin kernel
- Subject: Re: customization of Darwin kernel
- From: "Matthias Kretschmer" <email@hidden>
- Date: Mon, 10 Feb 2003 20:42:19 +0100 (CET)
> I am aware that many of the options I am requesting information about
> are available as extensions, modules, and configuration file options.
> However, I am still interested in enabling / disabling these options at
> the kernel level. For example, when I asked about the KERNEL LEVEL
> customization of allowing or disallowing IP packet forwarding I am more
> interested in DISABLING it via the kernel.

Basically as written above it is done via a sysctl, which can only be
performed by root (or sudo enabled users with root access - the
administrator checkbox does this). So if you explicitly set this to zero,
nobody can do forwarding. Removing the entire code from the kernel should
not change much, because someone with root privileges should be able to
boot any kernel, so even with no kernel on the box, one could create one
and put it on the box if there is somehow access from/to the outside
(network, disks, cds, etc.). So there shouldn't be any other risk.

> [...] Additionally, disabling a
> CD-burner in kernel space has its reasons as well. Assume I want the
> ability to burn CDs and am willing to swap kernels for this. I want to
> be assured that other users of my systems ARE NOT burning CDs which may
> contain proprietary data. Essentially trusted users have access to the CD-R
> enabled kernel... other users don't. These are the kinds of "hobby
> projects" that I work on! Admittedly these procedures are a bit
> extreme...but as a security consultant I am always interested in the
> MANY ways a solution could be achieved.

One question would be, how you will do the trick, that only special
recognized people are able to boot one specific kernel? At least the
standard boot process does not enable one to choose which kernel to boot
after authentication. The user authentication is done after kernel is
loaded. So there should be some way, but as far as I understand
openfirmware and stuff, I will be able to enter openfirmware and no one
will stop me. At least if there is some password feature, I could simply
erase nvram/etc. using some killing keystroke or pressing some button (it
is done with some key-combination on my iBook) and then using standard key
combination to enter open firmware and tell it by hand, which kernel to
boot.

On the other hand, you could simply use Darwin's ability to load kernel
extensions at runtime (and unload them) without changing kernels. If just
one kernel extension is used for burning CDs (and this is not done through
the userland tools which just need raw access to CD-writers) you could
disable it. But maybe all the stuff is done in userland, so there would be
two solutions:

a) disabling whole CD/CD-writer access (so no reading of CDs possible)
b) enabling all

Well there would be another solution. As far as I understand, CD-writers
need direct access to the drivers to send them arbitrary commands. Maybe
you are able to just disable this ability, maybe this can be done by
changing some sysctl.

--
Greetings
Matthias Kretschmer
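
The following is an added example, not part of the original message: a small audit of the forwarding sysctl the reply refers to, reading `sysctl` output on stdin. The key names `net.inet.ip.forwarding` and `net.inet6.ip6.forwarding` are the BSD/Darwin names and are not given in the message; the function name, exit codes and sample input are constructed for illustration.

```shell
#!/bin/sh
# Audit "sysctl"-style output for IP forwarding (added example).
# On a live Darwin/BSD host, feed it real output:
#   sysctl net.inet.ip.forwarding net.inet6.ip6.forwarding | audit_forwarding
# Assumption: lines look like "name: value" or "name = value"; both are accepted.
# Exit status: 0 = forwarding off, 1 = some forwarding key is non-zero,
#              2 = the IPv4 key was not present in the input at all.

audit_forwarding() {
    awk '
    {
        # Ignore every line that is not one of the two forwarding keys.
        if ($0 !~ /^(net\.inet\.ip\.forwarding|net\.inet6\.ip6\.forwarding)[ \t]*[:=]/)
            next
        name = $0
        sub(/[ \t]*[:=].*$/, "", name)         # keep the key only
        value = $0
        sub(/^[^:=]*[:=][ \t]*/, "", value)    # keep the value only
        sub(/[ \t]+$/, "", value)
        seen[name] = 1
        if (value != "0") {
            printf "ENABLED %s=%s\n", name, value
            bad = 1
        }
    }
    END {
        # A missing IPv4 key means the input cannot prove forwarding is off.
        if (!("net.inet.ip.forwarding" in seen)) {
            print "MISSING net.inet.ip.forwarding"
            exit 2
        }
        exit (bad ? 1 : 0)
    }'
}

# Constructed sample input mixing both separator styles (not from a real host).
sample='net.inet.ip.ttl: 64
net.inet.ip.forwarding: 0
net.inet6.ip6.forwarding = 1'
printf '%s\n' "$sample" | audit_forwarding || echo "audit exit status: $?"
```

Since root can change the value at any time, a check like this is only meaningful when run periodically or from a monitoring job, not once at install time.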