On Tue, Mar 01, 2005 at 07:42:41AM +1100, O Plameras wrote: [...] > > I think the differences of interpretation here were in the way I and you > conceptualize > the kernel codes.
No, it's that you've changed what you're talking about half-way through the thread. [...] > > In the context at the beginning of this discussion is the issue of > security. I was trying > to say I re-compile the kernel I used when it is critical to security. I > went on to say > the object of re-compiling is to prevent anyone 'rootkit'ing by LKM. And > I went on to > say I can prevent someone 'rootkit'ing by LKM by removing modules > (not configuring modules) in the kernel. You claimed: > No one can load kernel codes other than loadable kernel modules(LKM) that are > 'enabled'. If you try to load an LKM that is not configured the Kernel will > not allow it. And because only a dozen or so LKMs are enabled instead of, > perhaps, hundreds LKMs, it is easy to manage these. This is false, but you still haven't admitted that it was anywhere that I can see. And this is a much different claim to saying that running a monolithic kernel (where loadable kernel module support is disabled by CONFIG_MODULES=n) prevents loading of any kernel module, hostile or not. > But it does not bother me to see that discussions arise about trivial > items on symantecs > which are not helpful as far as I am concerned. I'm more interested to > learn what others > are doing in terms of security, etc., the things that matters most > rather than trivialities. It bothers me that you said something false. You then claimed that you meant something else, by saying your definition of "module" was something else. Unfortunately, the term "loadable kernel module", which you used, clearly means something other than your definition. I strongly recommend trying to use the same terminology as everyone else. It will make these discussions much more productive, and it will look a lot less like you're trying to change positions half-way through an argument. -Andrew. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
