> I'd like it from the guru's on exactly how bad a hole this really is
> and if there is a method in the kernel that will prevent such exploits.
> For example, if I disable CONFIG_MODVERSIONS is the kernel less likely
> to accept a module we didn't build? Are there plans to implement some
> form of finger printing on modules down the road?
I seem to recall that there are rootkits with kernel modules out in the
wild. If I recall correctly, there is a kernel capabilities patch that
will disallow loading modules after some point.
Its been something I've been meaning to look into more, but with a million
other projects on the platter ...
-- -- John E. Jasen (jjasen@realityfailure.org) -- User Error #2361: Please insert coffee and try again.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/