Date: Thu, 21 May 1998 11:16:53 -0400 From: Keith Stevenson <k.stevenson@louisville.edu> To: freebsd-security@FreeBSD.ORG Subject: LKMs (Was: Virus on FreeBSD) Message-ID: <19980521111653.A9283@homer.louisville.edu> In-Reply-To: <199805211431.KAA17444@brain.zeus.leitch.com>; from Greg A. Woods on Thu, May 21, 1998 at 10:31:08AM -0400 References: <199805210018.RAA04596@passer.osg.gov.bc.ca> <199805210149.LAA25157@frenzy.ct> <199805211431.KAA17444@brain.zeus.leitch.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ok, I'll buy off on the idea that LKMs can be bad from a security standpoint. How does one go about removing that functionality from the system? Thanks, --Keith Stevenson-- -- Keith Stevenson System Programmer - Data Center Services - University of Louisville k.stevenson@louisville.edu PGP key fingerprint = 4B 29 A8 95 A8 82 EA A2 29 CE 68 DE FC EE B6 A0 On Thu, May 21, 1998 at 10:31:08AM -0400, Greg A. Woods wrote: > > A "published" LKM that can do the most nasty things was in the Phrack > newsletter issue #51. > > Anyone who's read that article and has even the tiniest amount of > imagination would *NEVER* run LKMs on a production machine. Sure > they're a great tool for doing OS developement and experimention at the > lowest levels, but they're more dangerous in a production environment > than not even having a root password in the first place (at least with > the latter you *know* your security is blown). > <snip> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980521111653.A9283>