What protection does module versioning provide?
Posted Mar 18, 2004 13:21 UTC (Thu) by rankincj
In reply to: Allowed modules list
Parent article: A new Adore root kit
How would the attacker arrange for the module to get silently reloaded after a reboot? Wouldn't they need to hook something into your init scripts somehow? And what happens when you upgrade or recompile your kernel? You may be able to force an insmod of Adore's modules, but there's no guarantee that they would still work.
to post comments)