From owner-freebsd-security Thu May 21 11:30:13 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA28349 for freebsd-security-outgoing; Thu, 21 May 1998 11:30:13 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from burka.rdy.com (dima@burka.rdy.com [205.149.163.30]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA28228 for ; Thu, 21 May 1998 11:29:48 -0700 (PDT) (envelope-from dima@burka.rdy.com) Received: (from dima@localhost) by burka.rdy.com (8.8.8/RDY&DVV) id LAA07981; Thu, 21 May 1998 11:29:37 -0700 (PDT) Message-Id: <199805211829.LAA07981@burka.rdy.com> Subject: Re: LKMs (Was: Virus on FreeBSD) In-Reply-To: <19980521111653.A9283@homer.louisville.edu> from Keith Stevenson at "May 21, 98 11:16:53 am" To: k.stevenson@louisville.edu (Keith Stevenson) Date: Thu, 21 May 1998 11:29:37 -0700 (PDT) Cc: freebsd-security@FreeBSD.ORG X-Class: Fast Organization: HackerDome Reply-To: dima@best.net From: dima@best.net (Dima Ruban) X-Mailer: ELM [version 2.4ME+ PL40 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk Keith Stevenson writes: > Ok, I'll buy off on the idea that LKMs can be bad from a security standpoint. > How does one go about removing that functionality from the system? Add: options NO_LKM to your kernel config file. > > Thanks, > --Keith Stevenson-- > > -- > Keith Stevenson > System Programmer - Data Center Services - University of Louisville > k.stevenson@louisville.edu > PGP key fingerprint = 4B 29 A8 95 A8 82 EA A2 29 CE 68 DE FC EE B6 A0 > > On Thu, May 21, 1998 at 10:31:08AM -0400, Greg A. Woods wrote: > > > > A "published" LKM that can do the most nasty things was in the Phrack > > newsletter issue #51. > > > > Anyone who's read that article and has even the tiniest amount of > > imagination would *NEVER* run LKMs on a production machine. Sure > > they're a great tool for doing OS developement and experimention at the > > lowest levels, but they're more dangerous in a production environment > > than not even having a root password in the first place (at least with > > the latter you *know* your security is blown). > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe security" in the body of the message > -- dima To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message