how to disable loadable kernel moduels?
bruce at cran.org.uk
Wed Feb 24 23:19:36 UTC 2010
On Wed, 24 Feb 2010 16:47:25 -0600 (CST)
Robert Bonomi <bonomi at mail.r-bonomi.com> wrote:
> I'm building custom kernels for use in 'hostile' environments --
> where I need to enforce "restricted" capabilities, even in the event
> of malicious 'root' access. (if the bad guy has *physical* access to
> the machine, I know I'm toast, so I don't try to protect against
> _that_ in software -- beyond the usual access-control mechnisms, that
See security(7) -
Securelevel 1 disables the loading of kernel modules; the manual page
has far more details of how to secure the system further.
More information about the freebsd-questions