Re: down to the core

To: debian-firewall@lists.debian.org
Subject: Re: down to the core
From: Arnt Karlsen <arnt@c2i.net>
Date: Wed, 28 Jul 2004 09:28:01 +0200
Message-id: <[🔎] 20040728092801.3e88b6cd.arnt@c2i.net>
In-reply-to: <[🔎] 87pt6gomh5.fsf@enki.rimspace.net>
References: <[🔎] 1090621559.5213.3.camel@jmedina.calcom.com.mx> <[🔎] 20040723231429.81956.qmail@web11901.mail.yahoo.com> <[🔎] 87ekn21a7b.fsf@enki.rimspace.net> <[🔎] 4103F0F6.1020703@verizon.net> <[🔎] 20040727151042.M22307@etalon.net> <[🔎] 87pt6gomh5.fsf@enki.rimspace.net>

On Wed, 28 Jul 2004 13:10:46 +1000, Daniel wrote in message 
<[🔎] 87pt6gomh5.fsf@enki.rimspace.net>:

> One thing which will *not* enhance security, but is often claimed to
> do so, is disabling kernel modules.  Even if you don't use them, an
> attacker with root privileges can still insert code into the running
> kernel successfully, with the same result as loading a kernel module.

..this would requires the presence of the loadable module, 
or _could_ the attacker provide it?

-- 
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.

Reply to:

Follow-Ups:
- Re: down to the core
  - From: Harald Gröne <h.groene@gmx.net>
- Re: down to the core
  - From: Mike Mestnik <cheako911@yahoo.com>

References:
- Re: down to the core
  - From: Jorge Armando Medina <jmedina@calcom.com.mx>
- Re: down to the core
  - From: Mike Mestnik <cheako911@yahoo.com>
- Re: down to the core
  - From: Daniel Pittman <daniel@rimspace.net>
- Re: down to the core
  - From: Sykotic <sykoticchaos@verizon.net>
- Re: down to the core
  - From: "Michael" <michael@etalon.net>
- Re: down to the core
  - From: Daniel Pittman <daniel@rimspace.net>

Prev by Date: Re: pppoeconf problems
Next by Date: Re: down to the core
Previous by thread: Re: down to the core
Next by thread: Re: down to the core
Index(es):
- Date
- Thread