On 24 Feb 2006 at 17:00, pietro ferrari wrote: > On 2/24/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > On 24 Feb 2006 at 13:18, Dale Pontius wrote: > > > Doesn't prevent rootkits, only raises the bar. From what I've read on > > > the kernel list, there are still ways to get code into a running kernel, > > > > such as? > > writting directly to /dev/mem
quote from an earlier post in the thread: ------------------------------------------------------------------------ You should enable the /dev/mem protection feature as well, since rootkits can be inserted into the kernel via other methods than kernel modules. ------------------------------------------------------------------------ this feature (among many others) has existed in grsec for many years now. -- [email protected] mailing list
