Scot Jenkins wrote:

>In the past there have been linux exploits via kernel loadable modules.
>My recommendation for anything that's directly on the net (eg,
>firewalls, routers, shell servers, etc.) is to use a monolithic kernel
>with only the bare minimum drivers that are needed to function compiled
>directly in. Just my $0.02. YMMV as always.

Also monitor security mailing lists and fix the kernel after an exploit occurs or update the kernel on a regular but not too cutting edge basis.

A monolithic (having no loadable module functionality) kernel allows one absolute Draconian control over what code in the kernel runs, but does it provide a real security advantage over a loadable module kernel?

I believe a loadable module kernel is just as secure (against attack) as a non-loadable module kernel. What makes the loadable module kernel "less secure" is that when an intruder has access, he can use his own loadable modules to help cover his tracks and insert spying and other undesirable software into the kernel.

Sincerely,

Ken Fuchs <kfuchs at winternet.com>

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org
tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list