Re: Kernel modules

From: Matt Harris (mdh@unix.si.edu)
Date: 03/10/03

Next message: Jim Zajkowski: "Re: Solaris disk wipe utilitiy?"

Previous message: Hal Flynn: "Administrivia"
Maybe in reply to: Hal Flynn: "Kernel modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 10 Mar 2003 10:21:25 -0500
From: Matt Harris <mdh@unix.si.edu>
To: focus-sun@securityfocus.com

WatchGuard (www.watchguard.com) makes a product (which is an lkm itself)
called ServerLock which prevents this sort of thing (touching the kernel
at all in a potentially-hazardous way, really) as well as placing
additional restrictions on filesystem write accesses. I've used it a
bit and it seems to be pretty decent, althought it does not co-exist
with Veritas filesystem at all without causing *Major* problems.

Hal Flynn wrote:
> So, my question is, what are you doing to prevent the loading of kernel
> modules? Any clever tricks? Hacks?
>
> Cheers,
> Hal Flynn
> Symantec Corp.

-- 
/*
 *
 * Matt Harris - Senior UNIX Systems Engineer
 * Smithsonian Institution, OCIO
 *
 */

Next message: Jim Zajkowski: "Re: Solaris disk wipe utilitiy?"

Previous message: Hal Flynn: "Administrivia"
Maybe in reply to: Hal Flynn: "Kernel modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: GPLv2 or not GPLv2? (no license bashing)
... >> Suppose I write a new kernel module, without touching any existing ... and this module gets included in the kernel tree. ... send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)
Re: GPLv2 or not GPLv2? (no license bashing)
... > Suppose I write a new kernel module, without touching any existing ... and this module gets included in the kernel tree. ... send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)