LFS Paper on Secure Servers

Tony Sequeira tony at sequeira.com
Wed May 5 01:12:56 PDT 2004


On Tue, 04 May 2004 23:48:50 -0500, Bruce Dubbs wrote

> Bob Morgan wrote:
>
> >In a somewhat related thought, having
> >a separate /boot partition, and commenting it out in /etc/fstab can
> >help a tiny bit to keep the kernel contents away from an attacker
> >(one can always mount it manually long enough to install a replacement
> >kernel if need be - also related to the issue of monolithic vs modular).
> >
> I had thought of that.  The problem with that is that the klogd needs to
> be able to read the System Map.  I don't know if there is a way to have
> it read from another location or not.

That's interesting.  I have been playing with Gentoo, and by default
the /boot partition is not mounted automatically.  I had a small
discussion about this in one of their forums, and was about to bring up
System.map, but then realised that I had no evidence that it was used
at anything but boot time.  I didn't realise that klogd needed access
to it. 

-- 
Tony
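
An added example, not part of the original thread: a shell check for the trade-off discussed above, reporting whether /boot is mounted automatically according to an fstab file and which System.map klogd's default search would still reach. The function names are hypothetical, and the search list is an assumption taken from the sysklogd klogd(8) man page.

```shell
#!/bin/sh
# boot_automount FSTAB
# Prints "auto", "noauto" or "absent" for the /boot entry in FSTAB.
# A commented-out entry counts as "absent".
boot_automount() {
    awk '
        /^[ \t]*#/ || NF < 4 { next }        # skip comments and short lines
        $2 == "/boot" {
            found = 1
            state = "auto"
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++)
                if (opt[i] == "noauto") state = "noauto"
        }
        END { print (found ? state : "absent") }
    ' "$1"
}

# find_system_map ROOT
# Prints the first readable System.map under ROOT in the order klogd
# searches by default (assumption: sysklogd klogd(8)), or "none".
# klogd -k FILE overrides this search.
find_system_map() {
    for p in /boot/System.map /System.map /usr/src/linux/System.map; do
        if [ -r "$1$p" ]; then
            echo "$p"
            return 0
        fi
    done
    echo "none"
}

# Constructed sample: /boot commented out in fstab, with a copy of
# System.map left on the root filesystem so klogd can still resolve symbols.
demo_root=$(mktemp -d)
printf '%s\n' \
    '#/dev/hda1  /boot  ext2  defaults  1 2' \
    '/dev/hda2   /      ext3  defaults  1 1' > "$demo_root/fstab"
: > "$demo_root/System.map"

echo "/boot at boot: $(boot_automount "$demo_root/fstab")"
echo "System.map klogd would find: $(find_system_map "$demo_root")"
rm -rf "$demo_root"
```
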


