[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kernel module loading vs securelevel
> > > It would seem to be intentional. After all, kernel modules can
> > > do all sorts of nasty things if they want to.
> > In that case, module autoload/autounload is not functional at all and
> > we have to specify all possible necessary modules explicitly
> > during boot time??
> Yes. Otherwise it's quite easy to defeat securelevel by causing the
> loading of a module that resets it to -1.
Hmm, what do you think about this feature?
Only available in INSECURE environment?
>> Working file: kern_module.c
>> revision 1.26
>> date: 2008/11/14 23:06:45; author: ad; state: Exp; lines: +85 -3
>> - If the system encounters a severe memory shortage, start unloading
>> unused kernel modules.
>> - Try to unload any autoloaded kernel modules 10 seconds after their
>> load was successful.
Main Index |
Thread Index |