On 3/22/19 10:46 AM, Peter Humphrey wrote: > Hello list, > > Years ago, in the days of Yggdrasil I think, the received wisdom was that > enabling kernel module loading was a bad idea because an attacker might be > able to load malicious software directly into the kernel. No modules --> one > more attack route closed. > > What is the current thinking on this topic? I'm not trolling; I'd like to > know > which way to go with a new box. >
The only way a non-root user can load a module into the kernel is if the kernel itself has a critical security flaw in the module-loading code. I would hope that said code is bullet-proof by now, but the risk is non-zero I guess. On the other hand, kernel drivers go ape-shit on me all the time, and having the ability to force-unload and reload them (without a reboot) is a life saver. Being able to build and load one module at a time also speeds up the kernel build -> oops I forgot something -> build loop.
