Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sun, 20 Jan 2002 22:50:13 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sun, 20 Jan 2002 22:50:04 -0500 Received: from taifun.devconsult.de ([212.15.193.29]:62724 "EHLO taifun.devconsult.de") by vger.kernel.org with ESMTP id ; Sun, 20 Jan 2002 22:49:57 -0500 Date: Mon, 21 Jan 2002 04:49:52 +0100 From: Andreas Ferber To: Bruce Harada Cc: Frank van de Pol , linux-kernel@vger.kernel.org Subject: Re: Hardwired drivers are going away? Message-ID: <20020121044952.A21348@devcon.net> Mail-Followup-To: Bruce Harada , Frank van de Pol , linux-kernel@vger.kernel.org In-Reply-To: <14160.1011396163@ocs3.intra.ocs.com.au> <20020121002041.B1958@idefix.fvdpol.home.nl> <20020121095458.2bd9c7ed.bruce@ask.ne.jp> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020121095458.2bd9c7ed.bruce@ask.ne.jp>; from bruce@ask.ne.jp on Mon, Jan 21, 2002 at 09:54:58AM +0900 Organization: dev/consulting GmbH X-NCC-RegID: de.devcon Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jan 21, 2002 at 09:54:58AM +0900, Bruce Harada wrote: > > ...and how would you guarantee that this setting remains set, in the face of > some nasty little cracker screwing around with /dev/kmem? If the attacker gained the ability to play with /dev/kmem, he can already load modules into the kernel, regardless if the kernel is actually compiled with module support or not. You can find various papers describing how to do it via google, and AFAIK some rootkits are already using those techniques, so it's even "scriptkiddy-ready". Face it, there is absolutely /no/ security gain in disabling module support. Andreas -- Andreas Ferber - dev/consulting GmbH - Bielefeld, FRG --------------------------------------------------------- +49 521 1365800 - af@devcon.net - www.devcon.net - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/