how to disable loadable kernel moduels?
sathler90 at gmail.com
Thu Feb 25 00:03:12 UTC 2010
If you do not want to change the secure level you can compile a static kernel:
# static kernel
put the above inside the kernel config file.
On Wed, Feb 24, 2010 at 8:19 PM, Bruce Cran <bruce at cran.org.uk> wrote:
> On Wed, 24 Feb 2010 16:47:25 -0600 (CST)
> Robert Bonomi <bonomi at mail.r-bonomi.com> wrote:
>> I'm building custom kernels for use in 'hostile' environments --
>> where I need to enforce "restricted" capabilities, even in the event
>> of malicious 'root' access. (if the bad guy has *physical* access to
>> the machine, I know I'm toast, so I don't try to protect against
>> _that_ in software -- beyond the usual access-control mechnisms, that
> See security(7) -
> Securelevel 1 disables the loading of kernel modules; the manual page
> has far more details of how to secure the system further.
> Bruce Cran
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions