On 26/12/11 14:15, Russell Coker wrote: > But it seems to me that a more useful feature would be the ability to create > a > white-list of which modules can be loaded to solve the problem of unwanted > triggers for module loading and the problem of buggy kernel modules being > autoloaded in response to something an attacker did. If we had some module > management tools that made this easy then it would be a good thing. For > example it would be good to be able to white list the currently loaded > modules > (and optionally remove some from the white-list for hardware that is > installed > but never used) and then make a small white-list for the USB devices that are > suitable for use.
https://lwn.net/Articles/470906/ -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Carlos Alberto Lopez Perez http://neutrino.es Igalia - Free Software Engineering http://www.igalia.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
signature.asc
Description: OpenPGP digital signature