Date: Fri, 22 May 1998 14:02:08 GMT From: ark@eltex.spb.ru To: freebsd-security@FreeBSD.ORG Cc: regnauld@deepo.prosa.dk Subject: Re: Virus on FreeBSD Message-ID: <199805221402.OAA16417@paranoid.eltex.spb.ru> In-Reply-To: <199805211901.PAA23176@brain.zeus.leitch.com> from "woods@zeus.leitch.com (Greg A. Woods)"
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
nuqneH,
woods@zeus.leitch.com (Greg A. Woods) said :
> [ On Thu, May 21, 1998 at 18:15:55 (+0200), Philippe Regnauld wrote: ]
> > Subject: Re: Virus on FreeBSD
> >
> > Greg A. Woods writes:
> >
> > > Anyone who's read that article and has even the tiniest amount of
> > > imagination would *NEVER* run LKMs on a production machine. Sure
> >
> > BTW, is there a mechanism to disable loading of LKMs ?
> > (of course, removing the modload command is one way) -- I was
> > thinking about something that looked at the securelevel
> > and refused to load/unload a module depending on it.
>
> Not difficult at all, thankfully. Just define NO_LKM in your kernel
> configuration (from the /sys/i386/conf/LINT kernel config example):
>
> # If you want to disable loadable kernel modules (LKM), you
> # might want to use this option.
> options NO_LKM
>
> I've not done a code walkthrough to ensure this is 100%, but it's a good
> start and at least prevents modload from being useful.
2.1.7.1 does not have NO_LKM option in LINT. Don't know if it does
something for that system.
_ _ _ _ _ _ _
{::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_
(##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_|
[||] [||] [||] Do i believe in Bible? Hell,man,i've seen one!
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQCVAwUBNWWFX6H/mIJW9LeBAQHp/AQAicOQcxk6CZAO3VSxnLHKAIYSsyRgj+2i
/1U6AEmn1wI+VdbEk9o/1xxMAMFsV89UWwf3qhZi+qbSWdUvY7kxY7WNJe/mEi3Y
uQqfkEwbSQgTTUZc1SUbxdqV+Za/7MS8Y4oxct3640oCBbsSuAjcQG44p7ZxpBqE
aYfqvFlu5gg=
=mPGa
-----END PGP SIGNATURE-----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805221402.OAA16417>