| 1 |
On 3/22/19 10:46 AM, Peter Humphrey wrote: |
| 2 |
> Hello list, |
| 3 |
> |
| 4 |
> Years ago, in the days of Yggdrasil I think, the received wisdom was that |
| 5 |
> enabling kernel module loading was a bad idea because an attacker might be |
| 6 |
> able to load malicious software directly into the kernel. No modules --> one |
| 7 |
> more attack route closed. |
| 8 |
> |
| 9 |
> What is the current thinking on this topic? I'm not trolling; I'd like to know |
| 10 |
> which way to go with a new box. |
| 11 |
> |
| 12 |
|
| 13 |
The only way a non-root user can load a module into the kernel is if the |
| 14 |
kernel itself has a critical security flaw in the module-loading code. I |
| 15 |
would hope that said code is bullet-proof by now, but the risk is |
| 16 |
non-zero I guess. |
| 17 |
|
| 18 |
On the other hand, kernel drivers go ape-shit on me all the time, and |
| 19 |
having the ability to force-unload and reload them (without a reboot) is |
| 20 |
a life saver. Being able to build and load one module at a time also |
| 21 |
speeds up the kernel build -> oops I forgot something -> build loop. |
Archives