Re: Hardwired drivers are going away?

Andreas Ferber (aferber@techfak.uni-bielefeld.de)
Mon, 21 Jan 2002 04:49:52 +0100


On Mon, Jan 21, 2002 at 09:54:58AM +0900, Bruce Harada wrote:
>
> ...and how would you guarantee that this setting remains set, in the face of
> some nasty little cracker screwing around with /dev/kmem?

If the attacker gained the ability to play with /dev/kmem, he can
already load modules into the kernel, regardless of whether the kernel is
actually compiled with module support or not. You can find various
papers describing how to do it via Google, and AFAIK some rootkits are
already using those techniques, so it's even "scriptkiddy-ready".

Face it, there is absolutely /no/ security gain in disabling module
support.

Andreas

-- 
       Andreas Ferber - dev/consulting GmbH - Bielefeld, FRG
     ---------------------------------------------------------
         +49 521 1365800 - af@devcon.net - www.devcon.net
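
The point made in the message above, as a configuration check (an added example, not part of the original post): it flags kernel builds where module support is off but raw kernel-memory devices are still present. The option names CONFIG_DEVMEM, CONFIG_DEVKMEM and CONFIG_STRICT_DEVMEM are assumptions taken from later kernels than this 2002 thread, and both sample configs are constructed.

```sh
#!/bin/sh
# Added example (not from the original message). Sample configs are constructed.
# Flags kernel configs where module support is off but raw kernel-memory
# devices remain available, the situation the message describes.

# True if option $2 is built in (=y) in the config text $1.
cfg_on() {
    printf '%s\n' "$1" | grep -q "^$2=y\$"
}

# Prints a comma-separated list of findings, or "ok".
audit_config() {
    cfg=$1
    out=""
    # /dev/kmem compiled in: direct access to kernel virtual memory.
    if cfg_on "$cfg" CONFIG_DEVKMEM; then
        out="kmem-device"
    fi
    # /dev/mem present without the filter that limits which ranges it exposes.
    if cfg_on "$cfg" CONFIG_DEVMEM && ! cfg_on "$cfg" CONFIG_STRICT_DEVMEM; then
        out="${out:+$out,}unfiltered-dev-mem"
    fi
    # Module support disabled while a memory device is still exposed:
    # the "no modules" setting is not the barrier it appears to be.
    if [ -n "$out" ] && ! cfg_on "$cfg" CONFIG_MODULES; then
        out="$out,modules-off-gives-no-protection"
    fi
    printf '%s\n' "${out:-ok}"
}

# Constructed sample: modules disabled, /dev/kmem still built in.
SAMPLE_WEAK='# CONFIG_MODULES is not set
CONFIG_DEVMEM=y
CONFIG_DEVKMEM=y
# CONFIG_STRICT_DEVMEM is not set'

# Constructed sample: modules disabled, memory devices absent or filtered.
SAMPLE_HARDENED='# CONFIG_MODULES is not set
CONFIG_DEVMEM=y
# CONFIG_DEVKMEM is not set
CONFIG_STRICT_DEVMEM=y'

audit_config "$SAMPLE_WEAK"
audit_config "$SAMPLE_HARDENED"
```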