On Saturday 06 December 2003 08:09, Karsten M. Self wrote:
> The _other_ advantage, though, of a compile-in-what-you-need kernel
> is that you can then turn _off_ loadable module support. For
> highly sensitive servers in hostile-facing environments, this can
> eliminate an entire class of potential attacks right there.

That's, unfortunately, not quite correct. It makes these attacks (for
example installing a kernel rootkit) _harder_ but not impossible.
AFAIK, it's quite possible to write a module loader even without
loadable module support in the kernel. (Don't ask me how, though.)

--
--- Magnus von Koeller ---
email: magnus@vonkoeller.de
address: International University
Campus 9, App. 13
D-76646 Bruchsal / Germany
phone: +49-7251-700-659
mobile: +49-179-4562940
web: http://www.vonkoeller.de