Re: Kernel security advice
On Sat, Feb 19, 2005 at 09:42:48AM +1100, email@example.com wrote:
yes - and I have been the victim of one of these (the 'suckit' rootkit).
But at least using non-modular kernels prevents one class of attacks...
Sure. At a fairly high cost in administrative overhead you can prevent
one fairly narrow category of attack (one which I've seen fail in the
field a *lot* because the kiddies run into problems of compatability
between kernel versions). I have yet to see a convincing argument that
the dubious benefit justifies the cost.