modules

Bennett Todd bet at rahul.net
Tue Jan 6 17:12:27 PST 2004


2004-01-06T16:05:21 Amanda Lynn Rossmiller:
> i remember reading somewhere that kernel modules'
> use should be discouraged in a secure system...

The argument for disabling loadble modules (using a monolithic
kernel) is that they make an easy, well-documented path for an
intruder who has broken root to install kernel modules that change
the behavior of the OS, to make a rootkit that conceals intrusions
or leaves backdoors or whatever, even in the face of audit apps that
the intruder didn't know about.

However, black hats know how to modify the kernel without using
loadable kernel modules.

As a piece of defense in depth, it's not worthless, perhaps, today,
but its value is not of the very top quality. If the utility lost by
abandoning loadable kernel modules is great, in a given application,
then the security benefit might not be worth it. I think the
security benefit nonzero today, shrinking over time. I happen to
like monolithic kernels, along with entirely statically linked
systems with no support for dynamic libraries at all, but then I'm a
knuckle-dragging barbarian.

-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20040106/e00c93a1/attachment.sig>


More information about the hlfs-dev mailing list