Re: 'lock' modules?

From: John Alvord (jalvo@mbay.net)
Date: Wed Jun 07 2000 - 10:46:03 EST


On Wed, 7 Jun 2000, James Sutherland wrote:

> On Wed, 7 Jun 2000, Keith Owens wrote:
>
> > On Tue, 6 Jun 2000 21:57:19 -0400 (EDT),
> > buddy@foobar.resnet.gatech.edu wrote:
> > >I was wondering if anyone has considered modifying the linux kernel such
> > >that the modules may be 'locked'.
> >
> > Repeatedly. And the answer is always the same - "how can you tell the
> > difference between a good and a bad root user?". root can build,
> > change, load and unload modules, whether on this session or on the next
> > reboot. There is no way to distinguish between an authorised root user
> > and an "unauthorised" root user, a root by any other name has the same
> > power.
>
> True. Having said that, there may be some use in having a "lock system
> down" facility: after executing some command, it is no longer possible to
> [un]load modules. Alternatively, you could also make /lib/modules/`uname
> -r` immutable, and then just restrict module loading to subdirectories of
> that?
>
> There was one Linux breakin, IIRC, where the attackers used a kernel
> module to disguise their presence. If it had been impossible to load this
> kernel module in the first place, life would have been a bit harder for
> them...
>

Would it help to build a system without module support?

john alvord

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:29 EST