On Dec 26, Russell Coker <russ...@coker.com.au> wrote:

> For many of the things that can be done by loading a kernel module an attacker
> can achieve similar goals by replacing libc or by using ptrace to install
> hostile code in a long-running process that runs as root.

Or load code in the kernel using /dev/mem; preventing loading modules only stops simple attacks.

> For example it would be good to be able to white list the currently loaded modules
> (and optionally remove some from the white-list for hardware that is installed
> but never used) and then make a small white-list for the USB devices that are
> suitable for use.

You can easily do this with a udev rules file.

-- 
ciao,
Marco
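
One way to express the USB white-list from this exchange as a udev rules file, added here as an example and not part of the original message. The file name and the vendor/product IDs are constructed placeholders, and the rules assume the kernel's USB authorization sysfs attributes (`authorized`, `authorized_default`).

```udev
# /etc/udev/rules.d/01-usb-allowlist.rules  (hypothetical file name)
#
# Relies on the kernel USB authorization interface: a device whose sysfs
# "authorized" attribute is 0 gets no configuration, so no driver binds to it.

ACTION!="add", GOTO="usb_allowlist_end"
SUBSYSTEM!="usb", GOTO="usb_allowlist_end"
ENV{DEVTYPE}!="usb_device", GOTO="usb_allowlist_end"

# Root hubs (one per host controller, kernel names usb1, usb2, ...):
# make every device plugged in later start out unauthorized, so nothing
# binds to it before the allow-list below has been evaluated.
KERNEL=="usb[0-9]*", ATTR{authorized_default}="0", GOTO="usb_allowlist_end"

# Allow-list. The IDs are constructed placeholders; replace them with the
# values lsusb reports for the hardware actually in use. Any hub that sits
# between the host controller and an allowed device must be listed too,
# otherwise everything behind it stays unreachable.
ATTR{idVendor}=="aaaa", ATTR{idProduct}=="0001", ATTR{authorized}="1", GOTO="usb_allowlist_end"
ATTR{idVendor}=="aaaa", ATTR{idProduct}=="0002", ATTR{authorized}="1", GOTO="usb_allowlist_end"

# Everything else stays unauthorized. For devices that were already
# attached at boot (enumerated before udev ran) this de-authorizes them
# when the coldplug "add" events are replayed.
ATTR{authorized}="0"

LABEL="usb_allowlist_end"
```

Vendor and product IDs are reported by the device itself, so the list filters by what a device claims to be. The policy is also enforced from userspace, so it does not constrain a process that already runs as root, which is the limitation raised earlier in the thread.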