LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Multipath TCP: an overview

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Allowed modules list

Allowed modules list

Posted Mar 18, 2004 7:01 UTC (Thu) by sweikart (guest, #4276)
In reply to: Allowed modules list by corbet
Parent article: A new Adore root kit 

>In either case, however, you must contend with the fact that it is still 
>possible to patch code into the kernel without loading a module via /dev/mem.

To block access through /dev/mem, just drop the sys_rawio capability.  [You
might even be able to drop sys_rawio after starting X; I've only dropped it 
on servers.]

Some good references are:
   http://lwn.net/1999/1202/kernel.php3
   http://lwn.net/2000/0629/backpage.php3  # Subject: disabling module loading

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds