RE: Disabling module loading with a module?
fvw (fvw@chello.nl)
Tue, 17 Aug 1999 15:12:36 +0200
On Tue, 17 Aug 1999, Jones D (ISaCS) wrote:
> > Recently there has been some discussion on BSD's securelevels (or whatever
> > they're called. I'm just a beginner :*-( ), (Especially after the (alleged)
> > hack of the (alleged) internet auditing project), and the possibility of
> > disabling the loading of modules without going down to single-user mode first.
> >
> > Would it be possible to make a module for the linux kernel that mimics this,
> > by disabling the loading of modules? Could a module trap the necessary system
> > calls for inserting a module, and disable them? That way it could act as a
> > sort of seal that is loaded after all modules are loaded at startup.
>
>
> What would be the point of this?
> Normal users can't insert modules anyway. Knocking out support for
> modules insertion after startup just imposes limitations.
>
> If a hacker has got the privs to insert modules, he could recompile
> a kernel without the module-lockout-after-startup routines anyhow.
>
> Personally I feel this would be a wasted effort.
Yes, but this would require a reboot, something which on most systems is quite
noticeable, and can even be disabled by CMOS pw's.
I thought it might be useful in trusted host networks, to stop one crack from
cascading.
> btw: I seem to recall this (or similar) idea being proposed several times
> in the last few months.
I must have missed it, although I try to keep up with most security ideas. My
apologies.
--
Frank v Waveren
fvw@chello.nl
ICQ# 10074100
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/