> 
> Richard Adams wrote:
> > 
> <snip>
> > 
> > You will have to explain that one as a normal _user_ cannot load or unload
> > modules. Not on my machines at least.
> > 
> <snip>
> True, but then it just opens another door to attackers, because it is
> surely easier to modify a file (/etc/modules.conf) to load

Oh, again a user cannot do that, /etc/conf.modules is read-only or at least
it should be.

> trojan_horse.o instead of ppp.o than poke around directly in the kernel
> image.
> That is clearly a very hypothetical attack, because if you have
> write-access to the root fs, then there are other files that are subject
> to attacks (thinking of /etc/hosts.*), but if you don't really need
> modules, why keep one more door open?

/etc/hosts* should also all be read-only.

> 
> Marc
> 
> -- 
> Marc Mutz <[EMAIL PROTECTED]>                    http://marc.mutz.com/
> University of Bielefeld, Dep. of Mathematics / Dep. of Physics
> 
> PGP-keyID's:   0xd46ce9ab (RSA), 0x7ae55b9e (DSS/DH)
> 


-- 
Regards Richard.
[EMAIL PROTECTED]
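
The read-only claim above can be checked mechanically. The following is an added example, not part of the original message: a POSIX shell audit that a file and its parent directory are owned by the expected uid and not group- or world-writable (a read-only file in a writable directory can still be replaced). It assumes GNU coreutils `stat`; the function names `check_one` and `audit_file` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU coreutils stat.

# check_one PATH UID: print a finding and return 1 if PATH is missing,
# not owned by UID, or writable by group or others.
check_one() {
    c_path=$1 c_want=$2 c_rc=0
    # %u = owner uid, %a = permission bits in octal
    c_meta=$(stat -c '%u %a' -- "$c_path" 2>/dev/null) || {
        echo "MISSING $c_path"; return 1; }
    c_uid=${c_meta% *}
    c_mode=${c_meta#* }
    if [ "$c_uid" != "$c_want" ]; then
        echo "OWNER $c_path uid=$c_uid (expected $c_want)"; c_rc=1
    fi
    # 020 = group write, 002 = other write; the leading 0 makes it octal.
    if [ $(( 0$c_mode & 022 )) -ne 0 ]; then
        echo "WRITABLE $c_path mode=$c_mode"; c_rc=1
    fi
    return $c_rc
}

# audit_file FILE [UID]: check FILE and the directory that contains it.
# UID defaults to 0 (root). Write access to the directory allows the
# file to be renamed away and replaced even when the file is read-only.
audit_file() {
    a_rc=0
    check_one "$1" "${2:-0}" || a_rc=1
    check_one "$(dirname -- "$1")" "${2:-0}" || a_rc=1
    return $a_rc
}

# Audit every path given on the command line; do nothing without arguments.
if [ $# -gt 0 ]; then
    for f in "$@"; do
        audit_file "$f" || true
    done
fi
```

Run it with the files named in the thread as arguments, for example `/etc/modules.conf` and `/etc/hosts.*`; no output means every file and its directory passed.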
