Module security [Was: Re: Bootscreen]

From: Horst von Brand (brand@jupiter.cs.uni-dortmund.de)
Date: Wed Jan 29 2003 - 04:57:52 EST

Next message: Stelian Pop: "[PATCH 2.4.21-pre4] sonypi and input subsystem integration"
Previous message: H. Peter Anvin: "Re: kernel.org frontpage"
In reply to: Jos Hulzink: "Re: Bootscreen"
Next in thread: Oliver Neukum: "Re: Bootscreen"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jos Hulzink <josh@stack.nl> said:

[...]

> Oh, and using modules is a (minor) security issue. I have all my drivers
> compiled in the kernel. I like it and it is secure.

There are ways of installing rogue "modules" even without module support.
Google and ye shall find... [One of the online cracker mags had an
extensive article on module/kernel based rootkits some 6-10 months
ago]. And if "someone" gets root, they can leave behind a doctored kernel
any time they want. You'll never notice...

-- 
Dr. Horst H. von Brand                   User #22616 counter.li.org
Departamento de Informatica                     Fono: +56 32 654431
Universidad Tecnica Federico Santa Maria              +56 32 654239
Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Stelian Pop: "[PATCH 2.4.21-pre4] sonypi and input subsystem integration"
Previous message: H. Peter Anvin: "Re: kernel.org frontpage"
In reply to: Jos Hulzink: "Re: Bootscreen"
Next in thread: Oliver Neukum: "Re: Bootscreen"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Jan 31 2003 - 22:00:21 EST