Re: [Fwd: Re: LWN: Ptrace vulnerability in 2.2 and 2.4 kernels]
* Quoting Marc Demlenne (m.demlenne@skynet.be):
> echo unexisting_binary > /proc/sys/kernel/modprobe
>
> Can we trust this solution ?
> What's the effect ?
You can't dynamically load and unload modules
anymore. If you load all the modules you need
before doing it, you're fine.
> It seems to work fine, and to block the exploit on my box.
> But i don't know the effect on the system, since i guess this file has a
> good reason to be present on a debian box ...
> So is it a good idea to modify it this way ?
Untill you installed a patched kernel, yes, if you
don't need to dynamically (un)loaded modules.
- rk
--
http://www.stop1984.com/
Reply to: