[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] RE: Lcap

Subject: Re: [cobalt-security] RE: Lcap
From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 23 Dec 2002 09:25:00 -0500 (EST)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Mon, 23 Dec 2002, Gerald Waugh wrote:

> On Mon, 23 Dec 2002, Jon wrote:
>
> > I installed RaQ4-All-Kernel-2.0.1-2.2.16C33III-1.pkg which never prompted/error'd on me? I was root and used the command line
> > upgrade function but I guess that the LCap install is not working from this?
>
> lcap will not permit the loading of kernel "modules"
> You didn't 'insmod' a kernel module.
>
> I'll look around for a simple kernel module, for you to test with.
>
>

Compile this and try and load it....
========== cut and paste below ===========
/* hello.c
 *
 * "Hello, world" - the loadable kernel module version.
 *
 * Compile this with
 *
 *    gcc -c hello.c -Wall
 */

/* Declare what kind of code we want from the header files */
#define __KERNEL__         /* We're part of the kernel */
#define MODULE             /* Not a permanent part, though. */

/* Standard headers for LKMs */
#include <linux/modversions.h>
#include <linux/module.h>

#define _LOOSE_KERNEL_NAMES
    /* With some combinations of Linux and gcc, tty.h will not compile if
       you don't define _LOOSE_KERNEL_NAMES.  It's a bug somewhere.
    */
#include <linux/tty.h>      /* console_print() interface */

/* Initialize the LKM */
int init_module()
{
  console_print("Hello, world - this is the kernel speaking\n");
  /* More normal is printk(), but there's less that can go wrong with
     console_print(), so let's start simple.
  */

  /* If we return a non zero value, it means that
   * init_module failed and the LKM can't be loaded
   */
  return 0;
}

/* Cleanup - undo whatever init_module did */
void cleanup_module()
{
  console_print("Short is the life of an LKM\n");
}
============= cut and paste above ================


do an "lsmod" (show modules already loaded)
Then load the module with
insmod hello.o

Of course to really tell, you will have to boot without lcap and load the
module, then boot with lcap


Gerald
--
http://frontstreetnetworks.com | http://raqware.com
Front Street Networks LLC  | Phone: +1 203-785-0699
229 Front Street, Ste. C, New Haven, CT. 06513-3203

References:
- Re: [cobalt-security] RE: Lcap
  - From: Gerald Waugh

Prev by Date: [cobalt-security] get_hash_table+23/36
Next by Date: Re: [cobalt-security] get_hash_table+23/36
Previous by thread: Re: [cobalt-security] RE: Lcap
Next by thread: [cobalt-security] RE: Lcap

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index