On Sat, Oct 09, 1999 at 08:05:13PM +0200, Marc Mutz wrote:
> Steve Youngs wrote:
> >
> <snip>
> >
> > > Using modules...
>
> <snip agreed>
> >
> > > 3.) ...lowers security a bit
> >
> > Totally Disagree
> >
> Of course you do... We had this exact discussion some time ago here on
> lnml. Since then, I found a message to bugtraq from a few years ago that
> described a module that - once loaded - would redefine syscalls like
> read and write to mask it's existance entirely.
>
> They could e.g. hide arbitrary content of directories and even fake
> lsmod. So you have a means of compromising a system without _any_ chance
> to be reveiled[1]. Not something you want to happen.
This is true. I followed a thread on linux-kernel on this very topic about
6 months ago.
--
My public encryption key is available from
www.az.com/~drysdam/crypt/rysdam.gpg.html
and of course www.keyserver.net
PGP signature
