> > Kernel modules can hide evidence of a crack, thus allowing crackers to
> > penetrate further into the network.
>
> So can a dozen other methods. If you got root, you've the run of the
> system anyway. The _only_ way to go around that is to have a printer
> connected and send all syslog there.
This is true so long as root is all-powerful. Securelevel means
that this isn't always the case.
Matthew.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/