IMHO the security risks associated with modules is not the potential for
getting higher permissions but rather that having the loadable module
capability makes it *easier* to hide your code and actions once you're
in because what you would want to do is change the running kernel to
hide your actions and loadable modules makes it easier to dynamically
change a running kernel in general (DUH! :-). In short - LKM support
doesn't open any doors; It does makes it slightly easier to stay
invisible once you're in.
There are, again IMHO, much simpler things that I'm willing to bet
company X isn't doing (because no one is doing them) that would help
much more to security then disabling LKM support. For example - when you
download a new update of a kernel (or any program for that matter)
source/patch (or binary package) from the net do you check the GPG
signature validity? I would be VERY surprised if you answer 'yes'...
:-))
Gilad.
>
> Alan
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/