From: Dean N. <di...@ti...> - 2003-10-14 18:24:10
|
Well, from what I could find, does this make any sense to you? linux-2.4.20-modulesoff.patch The only place besides RedHat that I could find it mentioned was on the SentryFirewall site. So it may be a RedHat specific modification. In particular, I couldn't find it mentioned on the Kernel mailing list archives... Dean -----Original Message----- Subject: Re: [Devil-linux-develop] Feature Request: Disabling of Module Loading I really like that idea ! Can you find out which Kernel Patch is providing this feature? Heiko On 10/13/2003 11:08:32 PM "Dean Nedelman" wrote: >I was reading the release notes for Fedora (the latest version of >RedHat's >consumer product - in beta). It had the following comment >(http://fedora.redhat.com/docs/release-notes/): > >------------------ > >The Fedora Core 0.94 kernel now makes it possible to prevent the >loading of >kernel modules. This can be useful for system administrators wanting to >ensure that only a strictly-controlled set of modules are loaded. To >disable >kernel module loading, issue the following command: > >echo off > /proc/modules > >Once this command has been issued, all further attempts to load kernel >modules will fail. > >NOTE: Once kernel module loading has been disabled, a reboot is >required to >re-enable it. > >------------------------ > >And I was thinking - wouldn't this be a useful feature for Devil-Linux? >After all - we are [presumably] running a "static" environment. So >once a >system is booted, wouldn't we WANT to prevent the loading (and/or >changing) >of kernel modules? |