-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>>>> "Shuvam" == Shuvam Misra <[EMAIL PROTECTED]> writes:
>> Statically Linked kernel results performance improvement(fast
>> booting) as well as A Secure System, because now a days maximum
>> Hacking are done through Kernel Loadable Module.
Shuvam> This last bit about security is interesting. If I need to
Shuvam> insert or replace a kernel loadable module, I'll already
Shuvam> have to be root on the server in question. If I'm already
Shuvam> root, why do I need kernel loadable modules or anything
Shuvam> else for that matter?
Rootkits typically install loadable modules to intercept process
listings and filesystem calls and enable them (the rootkits) to hide
their processes and files. All toward the objective of making the
rootkit more difficult to detect.
However, the original poster's comment, that using static drivers,
etc. is more secure, is only true if you disable loadable modules
entirely in your kernel. Otherwise the rootkit will be able to
install its LKM in any case, regardless of how your kernel components
are linked.
- -- Raju
- --
Raj Mathur [EMAIL PROTECTED] http://kandalaya.org/
GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F
It is the mind that moves
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard <http://www.gnupg.org/>
iD8DBQE/TdG5yWjQ78xo0X8RAgOIAJ9X7D8vsbB96qkgchwnjeojMDfjkQCdHRYl
eD4eDrkAiZNLH4OUo0opkqM=
=5xL7
-----END PGP SIGNATURE-----
_______________________________________________
ilugd mailing list
[EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
