Am Dienstag, den 09.09.2008, 17:09 +0200 schrieb Javier Martín: > In order to load modules you have to be root, so don't you think that if > someone gets to the point he would be able to load modules in your > server the battle is already lost?
It's a easy way to get a bit more security. A kernel module can do a bit more then a normal root user process and more important it can hide things better. These rootkits could just do something like `rm -rf /' but they mainly do hiding processes so that this machine can get used for their stuff too. Ok they can reboot the machine and load there own kernel, but that's too obvious. _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
