| 1 |
Daniel Struck wrote: |
| 2 |
>> Last version of hardened-sources has GrSecurity option for this: |
| 3 |
>> |
| 4 |
>> ---cut--- |
| 5 |
>> Runtime module disabling (GRKERNSEC_MODSTOP) [N/y/?] (NEW) ? |
| 6 |
>> |
| 7 |
> |
| 8 |
> Thanks, I didn't know grsecurity already includes this feature. |
| 9 |
> Indeed I have already compiled this feature in the kernel but didn't |
| 10 |
> know about the sysctl switch "/proc/sys/kernel/grsecurity/disable_modules". |
| 11 |
> |
| 12 |
Doesn't prevent rootkits, only raises the bar. From what I've read on |
| 13 |
the kernel list, there are still ways to get code into a running kernel, |
| 14 |
even with modules disabled. It's just harder |
| 15 |
|
| 16 |
Dale Pontius |
| 17 |
|
| 18 |
-- |
| 19 |
gentoo-hardened@g.o mailing list |
Archives