Re: [Split off] Re: Kernel Extensions
Re: [Split off] Re: Kernel Extensions
- Subject: Re: [Split off] Re: Kernel Extensions
- From: "Corey O'Connor" <email@hidden>
- Date: Tue, 18 Nov 2003 09:32:06 -0800
Correct me if I'm wrong but...
Even though any admin can be root:wheel if they want, they still have
to su or sudo to do so. In my opinion this is a safety net against
accidental kext modification. As with any mucking about in the kernel
level, you needa be really sure what your doing. So I have no problems
with more protections against modifying kext's.
Corey O'Connor
DogHeadBone LLC
http://www.dogheadbone.com
On Nov 18, 2003, at 3:00 AM, Stiphane Sudre wrote:
On Monday, November 17, 2003, at 11:43 PM, Jim Magee wrote:
And this brings up back to the suggestion that you use ipfw - because
it was specifically designed to reflect this kind of traffic out to
user-space. That is, if you are going to use anything on these
machines at all (instead of just using a proxy server on your network
as others have suggested). The argument that any admin user could
change the firewall rules doesn't really hold water. They can
remove your kext as well.
This is why I'm still wondering why a kext needs to be root:wheel
644/755 and not just root:admin 644/755 when any admin user can be
root:wheel if he wants and when he wants.
I still don't understand this modification introduced in 10.2.
_______________________________________________
darwin-kernel mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/darwin-kernel
Do not post admin requests to the list. They will be ignored.
_______________________________________________
darwin-kernel mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/darwin-kernel
Do not post admin requests to the list. They will be ignored.