Daniel Struck wrote: >> Last version of hardened-sources has GrSecurity option for this: >> >> ---cut--- >> Runtime module disabling (GRKERNSEC_MODSTOP) [N/y/?] (NEW) ? >> > > Thanks, I didn't know grsecurity already includes this feature. > Indeed I have already compiled this feature in the kernel but didn't > know about the sysctl switch "/proc/sys/kernel/grsecurity/disable_modules". > Doesn't prevent rootkits, only raises the bar. From what I've read on the kernel list, there are still ways to get code into a running kernel, even with modules disabled. It's just harder
Dale Pontius -- [email protected] mailing list
