From owner-freebsd-security  Thu May 21 09:17:03 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id JAA01856
          for freebsd-security-outgoing; Thu, 21 May 1998 09:17:03 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from firewall.ftf.dk (root@mail.ftf.dk [129.142.64.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA01846
          for <freebsd-security@FreeBSD.ORG>; Thu, 21 May 1998 09:16:58 -0700 (PDT)
          (envelope-from regnauld@deepo.prosa.dk)
Received: from mail.prosa.dk ([192.168.100.2]) by firewall.ftf.dk (8.7.6/8.7.3) with ESMTP id UAA15419 for <freebsd-security@FreeBSD.ORG>; Thu, 21 May 1998 20:17:29 +0200
Received: from deepo.prosa.dk (deepo.prosa.dk [192.168.100.10])
	by mail.prosa.dk (8.8.5/8.8.5/prosa-1.1) with ESMTP id SAA21144
	for <freebsd-security@FreeBSD.ORG>; Thu, 21 May 1998 18:41:36 +0200 (CEST)
Received: (from regnauld@localhost)
	by deepo.prosa.dk (8.8.7/8.8.5/prosa-1.1) id SAA05380;
	Thu, 21 May 1998 18:15:56 +0200 (CEST)
Message-ID: <19980521181555.59333@deepo.prosa.dk>
Date: Thu, 21 May 1998 18:15:55 +0200
From: Philippe Regnauld <regnauld@deepo.prosa.dk>
To: freebsd-security@FreeBSD.ORG
Subject: Re: Virus on FreeBSD
References: <199805210018.RAA04596@passer.osg.gov.bc.ca> <199805210149.LAA25157@frenzy.ct> <199805211431.KAA17444@brain.zeus.leitch.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Mailer: Mutt 0.88e
In-Reply-To: <199805211431.KAA17444@brain.zeus.leitch.com>; from Greg A. Woods on Thu, May 21, 1998 at 10:31:08AM -0400
X-Operating-System: FreeBSD 2.2.5-STABLE i386
Organization: PROSA
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

Greg A. Woods writes:

> Anyone who's read that article and has even the tiniest amount of
> imagination would *NEVER* run LKMs on a production machine.  Sure

	BTW, is there a mechanism to disable loading of LKMs ?
	(of course, removing the modload command is one way) -- I was
	thinking about something that looked at the securelevel
	and refused to load/unload a module depending on it.

-- 
 -[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-
     «Pluto placed his bad dog at the entrance of Hades to keep the dead
      IN and the living  OUT!  The archetypical corporate firewall?»
                                                       - S. Kelly Bootle

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message