Grrr... modprobe.conf
drago01
drago01 at gmail.com
Mon Sep 20 13:02:35 UTC 2010
2010/9/20 Michał Piotrowski <mkkp4x4 at gmail.com>:
> 2010/9/20 Bryn M. Reeves <bmr at redhat.com>:
>> On 09/20/2010 01:37 PM, Tom Horsley wrote:
>>> On Mon, 20 Sep 2010 11:56:56 +0200
>>> Michał Piotrowski wrote:
>>>
>>>> You can blacklist the firewall modules - it can be critical :)
>>>
>>> Actually, I think you can run any arbitrary command to
>>> load a module,
>
> Or pass any parameter to a module.
>
>> so it is probably a gigantic security
>>> hole.
>
> Yeah - but it depends on conditions, system configuration etc. It can
> be treated as "minor issue", "major issue", "high risk vulnerability"
> or "gigantic security hole" - depends on system configuration and
> other things. Let's CC devel list.
Well depends on the cirumstances.
As the file is supposed to be obsolete anyway ... we should just make
modprobe ignore it ;)
More information about the test
mailing list