On Mon, 12 Jun 2006 11:16:56 -0700, Evan Klitzke wrote: > I have heard a security argument made that it is safer to compile > everything into the kernel, and disable support for modules entirely. > The reason for this is that if someone can load malicious modules on > your system they can basically circumvent any security systems you are > using, including things like SELinux and grsec.
This is only relevant is all your hardware can be supported by in-kernel modules. Add one item that needs a 3rd party module and you are forced to enable module loading. -- Neil Bothwick "Bother," said Pooh, as the vice squad took his GIFS
signature.asc
Description: PGP signature
