Hello, > > I don't know of any exploitable-by-non-root-users holes in Linux's > > kernel module loading. If you've let the intruder get root on your > > firewall you're already so badly hosed that I don't think the existence > > of dynamically loadable kernel modules is going to leave you much worse > > off. > > I wondered if this had ever happened vs. theoretical concern....anybody > have an instance to share?
Well, all I know is, that we should eigter: a) avoid root-process on the running system (priveleges) b) make it impossible even for root to compromise the system permanently (securelevel) Greetings Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) [EMAIL PROTECTED],linux.de,debian.org} http://home.pages.de/~eckes/ o--o *plush* 2048/93600EFD [EMAIL PROTECTED] +497257930613 BE5-RIPE (O____O) If privacy is outlawed only Outlaws have privacy -- E-mail the word "unsubscribe" to [EMAIL PROTECTED] TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble? E-mail to [EMAIL PROTECTED] .
