pedwardat_private wrote: [cut] > A simple approach for Linux would be something like this: [cut] > Any other ideas on preventing untrusted modules from being loaded or replaced > and loaded as an existing 'trusted' module? Well, one of the key features of the Linux Intrusion Detection System Patch (imho the name is a little bit misleading) is "Modules protection: Lock module insertion/removing. After your modules inserteds, you can lock any other insmod/rmmod by issuing a echo 1 > /proc/sys/lids/lock_modules" See http://www.soaring-bird.com.cn/oss_proj/lids/ HTH best regards, Rainer Link -- Rainer Link, eMail: linkra@fh-furtwangen.de, WWW: http://rainer.w3.to/ Student of Communication Engineering/Computer Networking, University of Applied Sciences,Furtwangen,Germany,http://www.ce.is.fh-furtwangen.de/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:22:56 PDT