MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos

[$] Restricting automatic kernel-module loading

Monday December 4, 2017. 06:16 PM , from
The kernel's module mechanism allows the building of a kernel with a wide
range of hardware and software support without requiring that all of that
code actually be loaded into any given running system. The availability of all of
those modules in a typical distributor kernel means that a lot of features
are available — but also, potentially, a lot of exploitable bugs. There
have been numerous cases where the kernel's automatic module loader has
been used to bring buggy code into a running system. An attempt to reduce
the kernel's exposure to buggy modules shows how difficult some kinds of
hardening work can be.
News copyright owned by their original publishers | Copyright © 2004 - 2018 Zicos / 440Network
Current Date
Aug, Wed 15 - 09:10 CEST