MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
automatic
Search

[$] Restricting automatic kernel-module loading

Monday December 4, 2017. 06:16 PM , from LWN.net
The kernel's module mechanism allows the building of a kernel with a wide
range of hardware and software support without requiring that all of that
code actually be loaded into any given running system. The availability of all of
those modules in a typical distributor kernel means that a lot of features
are available — but also, potentially, a lot of exploitable bugs. There
have been numerous cases where the kernel's automatic module loader has
been used to bring buggy code into a running system. An attempt to reduce
the kernel's exposure to buggy modules shows how difficult some kinds of
hardening work can be.
https://lwn.net/Articles/740455/rss

Related News

News copyright owned by their original publishers | Copyright © 2004 - 2017 Zicos / 440Network
Current Date
Dec, Wed 13 - 12:14 CET