[KLUG Members] A kernel Q

Adam Tauno WIlliams adam at morrison-ind.com
Fri Sep 10 13:42:09 EDT 2004

Previous message: [KLUG Members] A kernel Q
Next message: [KLUG Members] A kernel Q
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> >The question of why someone would want to do the above is a valid
> >question.
> What, compile the modules into the Kernel and turn off module support? Ah,
> security comes to mind as a first justification. 

I suppose, I find these kind of things rather dubious.  To potentially
exploit the module loading mechanism you have to have already exploited
the box to gain local access - in other words: your already humped.

> This is one technique used by some building Linux based firewalls.

Some, but other like floppyfw support modules.  Personally - I think if
you take away modules you make a much less useful product as adding a
feature you need becomes a much larger task.

Previous message: [KLUG Members] A kernel Q
Next message: [KLUG Members] A kernel Q
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Members mailing list