Hello,
> > Strange problem with my raqs tring to get lcap to start with the system
> > rebooting. In /etc/rc.d.rc.local I have:
> >
> > #Start Lcap
> > /sbin/lcap CAP_SYS_MODULE
> >
> > to start Lcap automatically but this fails> i can still load modules?
>
> How do you know you can still load 'modules'?
> What kind of 'modules' kernel?
> It only stops kernel modules from being loaded.
After a reboot I load a basic hello.c script
#define MODULE
#include <linux/module.h>
/* Loads the module in the kernel */
int init_module(void)
{
printk("<1>Hello, world\n");
return 0;
}
/* Removes a module from the kernel */
void cleanup_module(void)
{
printk("<1>Goodbye cruel world\n");
}
This loads without complaint > Jun 30 09:43:04 ns2 kernel: Hello, world
However after removing the kernel module then running /sbin/lcap CAP_SYS_MODULE
kernel mods are no longer able to be installed.
Jon
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
