Am 07.12.2011 14:10, schrieb Marcus Meissner:
Actually you shouldn't have skipped them, because these protocols are autoloadable by regular users and the exploits. (you just need to create a socket with AF_ROSE or AF_AX25 to load them).
So the root exploits in those modules worked because the kernel was (and I think still is) autoloading network modules on demand.
"find /lib/modules/ -name rose.ko -o -name ax25.ko|xargs rm" did help to prevent that. Enough OT ;-)
All in all it is less "fear of the unknown" but a call for application of "Principle of least privilege" ( http://en.wikipedia.org/wiki/Principle_of_least_privilege )
I agree. I really want a useful distribution. Useful in a sense that I can do my work easily with as little distraction due to security stuff as possible. However, judging that I never have used perf nor ever looked into debugfs, I wonder why I want to have it mounted by default. Best regards, Stefan -- Stefan Seyfried "Dispatch war rocket Ajax to bring back his body!" -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org