What if someone provides a patch to silently _include_ a security hole?
How can a sysadmin make sure his kernel won't be patched that way?
Ksplice: kernel patches without reboots
Posted Apr 30, 2008 11:16 UTC (Wed) by nowster (subscriber, #67)
The black hats have already done this. Modules that patch the kernel have been part of
rootkits for a while.
Posted Apr 30, 2008 12:24 UTC (Wed) by nix (subscriber, #2304)
Don't allow module loading and remove CAP_SYS_RAWIO from the capability bounding set so that
use of /dev/mem, /dev/kmem et al is barred.
(Of course this stops you using ksplice, systemtap et al as well.)
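A way to audit a host for the two measures suggested in the comment above, as an added example that is not part of the thread: it reads the capability masks from `/proc/<pid>/status` and, on kernels that expose it, the `kernel.modules_disabled` sysctl. The function names and sample status text are constructed for illustration; a kernel built without module support is not detected by this check.

```python
import re
import sys

# Bit numbers from <linux/capability.h>.
CAP_SYS_MODULE = 16
CAP_SYS_RAWIO = 17

# Constructed samples of /proc/<pid>/status lines (not captured from a real host).
DEFAULT_STATUS = "CapPrm:\t000001ffffffffff\nCapEff:\t000001ffffffffff\nCapBnd:\t000001ffffffffff\n"
HARDENED_STATUS = "CapPrm:\t000001fffffcffff\nCapEff:\t000001fffffcffff\nCapBnd:\t000001fffffcffff\n"


def cap_mask(status_text, field):
    """Return the hex capability mask of one Cap* field as an int."""
    m = re.search(rf"^{field}:\s*([0-9a-fA-F]+)\s*$", status_text, re.MULTILINE)
    if m is None:
        raise ValueError(f"{field} not found in status text")
    return int(m.group(1), 16)


def audit(status_text, modules_disabled=None):
    """Return findings; an empty list means both measures are in place.

    modules_disabled is the content of /proc/sys/kernel/modules_disabled,
    or None when the kernel does not expose that file.
    """
    findings = []
    bnd = cap_mask(status_text, "CapBnd")
    prm = cap_mask(status_text, "CapPrm")
    if bnd >> CAP_SYS_RAWIO & 1:
        findings.append("CAP_SYS_RAWIO is in the bounding set")
    # Dropping a capability from the bounding set does not take it away
    # from a process that already holds it, so check the permitted set too.
    if prm >> CAP_SYS_RAWIO & 1:
        findings.append("CAP_SYS_RAWIO is still permitted for this process")
    sysctl_off = modules_disabled is not None and modules_disabled.strip() == "1"
    if not sysctl_off and bnd >> CAP_SYS_MODULE & 1:
        findings.append("module loading is not disabled for this process tree")
    return findings


if __name__ == "__main__":
    pid = sys.argv[1] if len(sys.argv) > 1 else "self"
    with open(f"/proc/{pid}/status") as f:
        status = f.read()
    try:
        with open("/proc/sys/kernel/modules_disabled") as f:
            disabled = f.read()
    except OSError:
        disabled = None
    for line in audit(status, disabled) or ["no findings"]:
        print(line)
```

Run it with a PID argument (for example `1`) to inspect the masks that init hands down to its children rather than those of the current shell.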
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.