On Fri, Mar 22, 2013 at 8:07 PM, Josh Boyer <jwboyer@xxxxxxxxx> wrote: > On Fri, Mar 22, 2013 at 12:18 PM, Tom Gundersen <teg@xxxxxxx> wrote: >> There is nothing >> forcing you to use libkmod to load modules, so there would be no >> guarantee that only the modules on the white-list can be loaded (i.e., >> adding this feature would not have the same guarantee as rebuilding >> the kernel with only the whitelisted modules enabled, contrary to what >> I guess one would expect?). > > You are not incorrect, however rebuilding the kernel isn't always an > option. Yes, so my understanding was that you want this white-listing feature in order to get the same behavior as if you had rebuilt the kernel, without actually having to do so. Is that correct? If so, then my point was that you don't get the same behavior, as there are other ways to load modules, so people might get a false sense of security... -t -- To unsubscribe from this list: send the line "unsubscribe linux-modules" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
