At Thu, 24 Feb 2005 22:37:42 +1100, Oscar Plameras wrote: > With my firewalls and other security critical servers, I require > recompiling kernels by removing all UNUSED and REDUNDANT modules as > part of the audit process so, when I got a problem such as the one > illustrated above, I ONLY need to examine a few modules instead of > TONS of them.
Of course, nasty kernel code can be loaded and then the file containing that code deleted. (ie: modules on disk really have no relation to loaded modules). So this only really adds a level of inconvenience to hackers - assuming they wanted one of the standard modules (and it takes up less disk space if thats important too). -- - Gus -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
