Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Wed, 29 Jan 2003 04:48:36 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Wed, 29 Jan 2003 04:48:36 -0500 Received: from waldorf.cs.uni-dortmund.de ([129.217.4.42]:58303 "EHLO waldorf.cs.uni-dortmund.de") by vger.kernel.org with ESMTP id ; Wed, 29 Jan 2003 04:48:35 -0500 Message-Id: <200301290957.h0T9vqUL011886@eeyore.valparaiso.cl> To: Jos Hulzink Cc: Linux Kernel Mailing List Subject: Module security [Was: Re: Bootscreen] In-Reply-To: Your message of "Tue, 28 Jan 2003 15:45:45 +0100." <20030128153533.X28781-100000@snail.stack.nl> Date: Wed, 29 Jan 2003 10:57:52 +0100 From: Horst von Brand Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Jos Hulzink said: [...] > Oh, and using modules is a (minor) security issue. I have all my drivers > compiled in the kernel. I like it and it is secure. There are ways of installing rogue "modules" even without module support. Google and ye shall find... [One of the online cracker mags had an extensive article on module/kernel based rootkits some 6-10 months ago]. And if "someone" gets root, they can leave behind a doctored kernel any time they want. You'll never notice... -- Dr. Horst H. von Brand User #22616 counter.li.org Departamento de Informatica Fono: +56 32 654431 Universidad Tecnica Federico Santa Maria +56 32 654239 Casilla 110-V, Valparaiso, Chile Fax: +56 32 797513 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/