Allowed modules list
Posted Mar 18, 2004 7:01 UTC (Thu) by
sweikart (guest, #4276)
In reply to:
Allowed modules list by corbet
Parent article:
A new Adore root kit
>In either case, however, you must contend with the fact that it is still
>possible to patch code into the kernel without loading a module via /dev/mem.
To block access through /dev/mem, just drop the sys_rawio capability. [You
might even be able to drop sys_rawio after starting X; I've only dropped it
on servers.]
Some good references are:
http://lwn.net/1999/1202/kernel.php3
http://lwn.net/2000/0629/backpage.php3 # Subject: disabling module loading
(
Log in to post comments)