On pe, 2003-10-03 at 15:02, gabriel wrote: > what if you disabled "loadable module support" in the kernel?
Wont help you as it is possible to insert code directly into the kernel via /dev/kmem. Making the kernel memory read-only is an option for combatting malicious kernel module injection. This can be done IIRC with grsecurity patches.
signature.asc
Description: This is a digitally signed message part
This message has been 'sanitized'. This means that potentially
dangerous content has been rewritten or removed. The following
log describes which actions were taken.
Sanitizer (start="1065184022"):
Forcing message to be multipart/mixed, to facilitate logging.
Writer (pos="862"):
Part (pos="1031"):
Part (pos="191"):
SanitizeFile (filename="unnamed.txt", mimetype="text/plain"):
Match (names="unnamed.txt", rule="9"):
Enforced policy: accept
Part (pos="690"):
SanitizeFile (filename="signature.asc", mimetype="application/pgp-signature"):
Match (names="signature.asc", rule="15"):
ScanFile (file="/var/quarantine/att-signature.asc-3f7d6b16.KJ"):
Scan succeeded, file is clean.
Enforced policy: accept
Anomy 0.0.0 : Sanitizer.pm
Sanitizer version 1.63 (Debian GNU/Linux)
-- [EMAIL PROTECTED] mailing list
