Re: remove unwanted modules
On 09/21/05 09:06:44PM -0500, Marc DM wrote:
>
>
> Jim Crilly wrote:
>
> >But why do you want to do this? A full modules directory in /lib/`uname -r`
> >only takes up ~40M. And who knows when you'll plug in some new USB device
> >or something and wish you had that module handy.
> >
> >
> Actually, I wanted to know just for knowing purposes.
>
> The other reason I wanted to know is because I'm using Debian with a
> single Opteron246 to create a router to handle traffic between 4 vlans
> and the internet. So I wanted to make sure that I didn't have any
> modules in there that might be a potential security threat nor any that
> would degrade performance solely due to its presence.
>
> Know of any?
Just a guess, but if a module was known to be a security problem it would
most likely have been removed or fixed =) And since you need to be root (or
at least have CAP_SYS_MODULE) to load/unload modules, the box will already
be compromised by the time they can load any potentially malicious modules.
And as for performance, I really doubt any modules would slow anything down
to the point where you would notice. Most of the modules that might affect
performance require you to do something to activate them, like even if you
load every iptables module available it won't matter unless you have rules
to make them do something. Especially with a box as fast as an Opteron.
You might end up with a little less free memory if you load a few modules
that you don't plan on using, but most modules are only few K each anyway.
>
> Marc DM
>
Jim.
Reply to: