RE: Disabling module loading with a module?

fvw (fvw@chello.nl)
Tue, 17 Aug 1999 15:36:02 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Fred Reimer: "Re: Linux 2.2.12pre"
Previous message: fvw: "RE: Disabling module loading with a module?"

On Tue, 17 Aug 1999, Jones D (ISaCS) wrote:
> You missed my point.
> The attack would have gained root. He could 'exec rm -rf /'
> or fdisk, or 'cat /dev/random > /dev/sda', or _anything_ else.
True, at the moment the attack succeeds the machine is lost. But the danger is
with machines on trust-networks. This would hinder covering up so an attack on
the next host could be mounted.

BTW: cat /dev/random > /dev/sda would be *bloody* slow.

> Disabling modules interface won't stop bad people doing bad things.
> It will just stop good people doing anything productive.
That is why the user always has the choice whether or not to use security
feature X. I'm not suggesting putting it in the main kernel defaulting it to on,
I'm just poking around, looking for opinions and enlightenment.

> Time would be better spent improving security elsewhere.
> Instead of thinking of ways to stop people doing things when they get in,
> stop them getting in in the first place..
I like to try at least both. But I agree, securing getting in bit is certainly
higher priority.

Frank v Waveren fvw@chello.nl ICQ# 10074100

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Fred Reimer: "Re: Linux 2.2.12pre"
Previous message: fvw: "RE: Disabling module loading with a module?"