Originally posted by stormcrow
View Post
Announcement
Collapse
No announcement yet.
Linux's modprobe Adds The Ability To Load A Module From Anywhere On The File-System
Collapse
X
-
-
Originally posted by Weasel View PostWow once again an absolute great feature and security asshats polluting everything with their hysteria, it's the reason Crapland will forever be a toy too.
modprove requires privileges to load the module. If you are root you have full control over the fucking filesystem, including placing your fucking module ANYWHERE, why the fuck does it matter?
Fantastic ability for convenience. I'm so sick of the word "security".
Lunix needs to get away from the headless-by-default scheme and rely more on good old fashioned UAC for privileged auth instead of this mythical root user that can somehow always be accessed and do literally anything to a machines firmware. Maybe even lock the ROM?Last edited by AlanTuring69; 06 October 2023, 11:49 AM.
Comment
-
Originally posted by AlanTuring69 View Post"sudo -s" ever heard of it? The very first command literally everyone worth any degree of engineering or security competency runs before they execute any command because Lunix permissions are a flustercuck? Would love to hear your excuse as to why root should be this special user that can modify the kernel on-demand when root is what almost all demons run under?
Lunix needs to get away from the headless-by-default scheme and rely more on good old fashioned UAC for privileged auth instead of this mythical root user that can somehow always be accessed and do literally anything to a machines firmware. Maybe even lock the ROM?
what part of: "sudo cp ... && sudo modprobe blah" being available without this patch you don't get?
If you have a problem with root, then that's not my problem and I wasn't arguing about it.
If you think sudo is a security issue then maybe you should use better security practices and a better password.
Otherwise I've no idea what you're even trying to say.
As long as the user that can use modprobe (root in this case) can also modify the filesystem, this patch is not a security issue. Period.
Comment
-
Originally posted by Weasel View PostAs long as the user that can use modprobe (root in this case) can also modify the filesystem, this patch is not a security issue. Period.
Originally posted by Weasel View Postwhat part of: "sudo cp ... && sudo modprobe blah" being available without this patch you don't get?
Also remember just because a user is granted sudo does not mean they are granted to run all commands. User might not be able to sudo cp because they are not granted cp as sudo.
Maybe someone should have read how sudo works before doing their post Weasel. Because why did you presume user granted right to use modprobe is also granted the right to use cp. Home installs yes enterprise business install this can be they are only granted modprobe.
Yes one of the problems is allowing modprobe to load files from where ever means a user who is only granted modprobe can now do more than what they use to be able to this include loading module of hell.
Historic examples have udev equal scripts having typo so end up loading the wrong module with insmod because some typo end up with a full path to a different kernel module than the user current running. Yes the Linux kernel feature to allow kernel modules that don't own to the current kernel to load come into play here.
In fact there is a use case why you want it to fail and add this feature to modprobe. Let say you could do modprobe "/usr/lib/modules/[kernel version]/[full path to module]
It would be useful if that function would fail when the kernel version did not match current kernel.
kpatch - live kernel patching. Contribute to dynup/kpatch development by creating an account on GitHub.
Be very warned linux kernel modules don't just include normal drivers. They also include items like kpatch.
Comment
-
Originally posted by oiaohm View PostBecause not all of them look like this.
Also remember just because a user is granted sudo does not mean they are granted to run all commands. User might not be able to sudo cp because they are not granted cp as sudo.
]Maybe someone should have read how sudo works before doing their post Weasel. Because why did you presume user granted right to use modprobe is also granted the right to use cp. Home installs yes enterprise business install this can be they are only granted modprobe.
modprobe can do anything since it inserts kernel module which can do absolutely everything it wants to, including expose cp functionality to any user, zero out your drive or whatever.
It's far more "dangerous" than cp.
Comment
-
Originally posted by Weasel View PostIn what world would you let someone use modprobe but not cp with root privileges?
modprobe can do anything since it inserts kernel module which can do absolutely everything it wants to, including expose cp functionality to any user, zero out your drive or whatever.
It's far more "dangerous" than cp.
There are cases where parties will be given lsmod, rmmod and modprobe with nothing else. So they can reset a driver so resetting a bit of hardware so the system comes functional again.
This use case really does mean the option to load modules anywhere on the file system need a off switch that restricts module loading to where it currently is.
Please note there are enterprise versions of sudo that log every action.
Yes like dzdo.
Just because someone is trusted to use modprobe correctly does not mean they are trust to perform cp as root.
Weasel what does need to restart driver to make a bit of hardware come functional have to do with need the cp command as root? The simple answer it does not. The common is lsmod, rmmod and modprobe handed out in combination. Not people not given insmod that can load a file from anywhere into the kernel.
This change basically without a disable switch will break existing setups.
Comment
Comment