
Re: A question about Knark and modules



> lcap CAP_SYS_MODULE CAP_SYS_RAWIO

Thanks for the input. Two points:

1. I am coming at this problem as a laptop user, so pcmcia modules must remain
and be loadable and unloadable at will - as far as I know, there is no direct
way to compile pcmcia modules directly into the kernel like the other drivers.

2. What if /dev/mem access was determined at kernel compile time as an option?
I'm not familiar with lcap, but I assume it disables access to /dev/mem without
breaking anything, so why not make this risky access optional at kernel level?

> i suggest installing all security updates immediately when they arrive
> and vigilant sysadmin.  those will keep your box uncompromised better
> than anything (except turning it off).

Concurred, however, I prefer proactive rather than reactive. The danger of
undisclosed exploits always leaves this area of doubt. If the exploit cannot
happen in the first place, a whole generation of exploits is eliminated at
once.

--------------
Sjarn Valkhoff



