Date: Fri, 22 May 1998 14:02:08 GMT From: ark@eltex.spb.ru To: freebsd-security@FreeBSD.ORG Cc: regnauld@deepo.prosa.dk Subject: Re: Virus on FreeBSD Message-ID: <199805221402.OAA16417@paranoid.eltex.spb.ru> In-Reply-To: <199805211901.PAA23176@brain.zeus.leitch.com> from "woods@zeus.leitch.com (Greg A. Woods)"
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- nuqneH, woods@zeus.leitch.com (Greg A. Woods) said : > [ On Thu, May 21, 1998 at 18:15:55 (+0200), Philippe Regnauld wrote: ] > > Subject: Re: Virus on FreeBSD > > > > Greg A. Woods writes: > > > > > Anyone who's read that article and has even the tiniest amount of > > > imagination would *NEVER* run LKMs on a production machine. Sure > > > > BTW, is there a mechanism to disable loading of LKMs ? > > (of course, removing the modload command is one way) -- I was > > thinking about something that looked at the securelevel > > and refused to load/unload a module depending on it. > > Not difficult at all, thankfully. Just define NO_LKM in your kernel > configuration (from the /sys/i386/conf/LINT kernel config example): > > # If you want to disable loadable kernel modules (LKM), you > # might want to use this option. > options NO_LKM > > I've not done a code walkthrough to ensure this is 100%, but it's a good > start and at least prevents modload from being useful. 2.1.7.1 does not have NO_LKM option in LINT. Don't know if it does something for that system. _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBNWWFX6H/mIJW9LeBAQHp/AQAicOQcxk6CZAO3VSxnLHKAIYSsyRgj+2i /1U6AEmn1wI+VdbEk9o/1xxMAMFsV89UWwf3qhZi+qbSWdUvY7kxY7WNJe/mEi3Y uQqfkEwbSQgTTUZc1SUbxdqV+Za/7MS8Y4oxct3640oCBbsSuAjcQG44p7ZxpBqE aYfqvFlu5gg= =mPGa -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805221402.OAA16417>