On Sun, Aug 03, 2003 at 08:09:50PM +0200, bert hubert wrote:
> It blocks attempts by rootkits, such as devik's SucKIT, to hide themselves.
>
> It is not a final solution but it raises the bar a lot. Please apply.
>
> By default, nothing is changed, but I'd turn this feature on on servers
> without X. Patch:
Why not make this change dynamic instead ? eg : your system boots unlocked,
and definitely locks /dev/{,k}mem once you do something such as
echo foo > /proc/path_to_magic_entry
So the same config can be used with kernel with and without X, it's just a
matter of runtime configuration. It could even be a sysctl, as long as there's
no way to unset it.
Regards,
Willy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 07 2003 - 22:00:21 EST