I might have been a bit unclear with the reason I would (Theoretically, my
systems are exactly fortressess anyway) want to do this. It is meant as a way
to hinder methods to cover up a system has been cracked. What made me think
about this was the story about the internet auditing project of wich one of the
hosts was cracked, and it was very cunningly disguised by loading a kernel
module which hides a number of running processes etc. A cracker could easily
reverse the permissions on modprobe, or upload his/her (well, face it: his)
version of modprobe.
--Frank v Waveren fvw@chello.nl ICQ# 10074100
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/