akerl_ 2 hours ago

It’s not enabled by default. It’s an optional module that is loaded on demand. The entire setup of the kernel promotes compiling in the core set of things your users will need and offering basically everything else as a module to load on demand.

chromacity an hour ago | parent | next [-]

This is a pedantry for the sake of it. If it's present by default and an attacker can trivially cause it to be loaded, it's the same as "on by default".

Sohcahtoa82 an hour ago | parent | next [-]

> This is a pedantry for the sake of it.

Par for the course for HN.

akerl_ an hour ago | parent | prev [-]

It’s radically different than on by default.

Having a service that automatically starts and listens on the network is radically different from having a module that a local administrator can load.

If you want to block module loads, you’re one sysctl flag away.
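Added example, not part of the comment above or of any project's code: a shell check that classifies whether a module can still be pulled in on demand, given the value of the `kernel.modules_disabled` sysctl and a modprobe.d-style file. It distinguishes `install <module> /bin/false` (blocks every modprobe load) from `blacklist` (suppresses only the module's own alias-based autoload; `modprobe <name>` still works). The thread does not name the sysctl or any module, so the sysctl choice, the function name and the sample module names are assumptions, and the sample config is constructed.

```shell
#!/bin/sh
# module_load_posture MODULE MODULES_DISABLED CONF_FILE
#   MODULES_DISABLED: content of /proc/sys/kernel/modules_disabled (0 or 1)
#   CONF_FILE:        one modprobe.d-style file to inspect
# Prints: blocked-sysctl | blocked-install | alias-autoload-blocked | loadable-on-demand
module_load_posture() {
    # modprobe treats '-' and '_' in module names as equivalent
    mod=$(printf '%s' "$1" | tr '-' '_')
    disabled=$2
    conf=$3
    # kernel.modules_disabled=1 refuses every further load until reboot
    if [ "$disabled" = "1" ]; then
        echo "blocked-sysctl"
        return 0
    fi
    verdict="loadable-on-demand"
    while read -r kw name cmd rest; do
        case $kw in ''|'#'*) continue ;; esac      # skip blanks and comments
        name=$(printf '%s' "$name" | tr '-' '_')
        [ "$name" = "$mod" ] || continue
        case $kw in
            install)
                # a no-op install command stops modprobe loading the module at all
                case $cmd in /bin/false|/bin/true) verdict="blocked-install" ;; esac ;;
            blacklist)
                # weaker: only the module's built-in aliases are ignored
                [ "$verdict" = "blocked-install" ] || verdict="alias-autoload-blocked" ;;
        esac
    done < "$conf"
    echo "$verdict"
}

# Constructed sample input; module names are placeholders, not from the thread.
SAMPLE_CONF=$(mktemp)
cat > "$SAMPLE_CONF" <<'EOF'
# constructed modprobe.d sample
install example_proto /bin/false
blacklist other-mod
EOF

for m in example-proto other_mod third_mod; do
    printf '%s: %s\n' "$m" "$(module_load_posture "$m" 0 "$SAMPLE_CONF")"
done
# On a live host, pass "$(cat /proc/sys/kernel/modules_disabled)" as the second argument.
```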

zzrrt an hour ago | parent | next [-]

> having a module that a local administrator can load

This is a successful local privilege escalation, so local administrator privs were not needed. In default configuration of all distros, apparently.

> If you want to block module loads, you’re one sysctl flag away.

The modules aren't really the point, it's that unnecessary features (to 99% of us?) were accessible by default without privs.

zbentley 33 minutes ago | parent | prev | next [-]

This is "a service that automatically starts". That's what automatic kernel module loading is for!

It's not any different from putting an always-running network service behind socket activation instead. The security boundary/risk is nearly identical between the two.

akerl_ 31 minutes ago | parent [-]

One is remotely accessible. The other is locally accessible.

zbentley 25 minutes ago | parent [-]

The GP you were replying to mentioned a vulnerability "present by default and an attacker can trivially cause it to be loaded".

You responded contrasting a network service with an administrator-loadable module.

This is neither of those. It's an LPE, not a remote exploit. It doesn't require an administrator (root) to load anything. In context of this vuln, it's exactly analogous to socket activation. The scope of an LPE vuln is local; yes. What does that have to do with the rest of your comments?

akerl_ 14 minutes ago | parent [-]

I don't understand what point you're trying to make here.

I originally replied to a comment saying "This feels like the practice of Linux distros back in 1999 when they'd ship default installs with dozens of network services exposed to the internet". It is not like that.
