grsecurity forums


https://forums.grsecurity.net./

Runtime module disabling support added by default to 2.6.31

https://forums.grsecurity.net./viewtopic.php?f=3&t=2187

Page 1 of 1

Runtime module disabling support added by default to 2.6.31

PostPosted: Fri Sep 04, 2009 10:43 am
by spender
If you were using the runtime module disabling feature of grsecurity in the past, you should be aware that in the upcoming 2.6.31 kernel, support for the same feature has been added by default (just by having module support). The new sysctl entry for it is:

/proc/sys/kernel/modules_disabled

To disable module loading at runtime, do a:

echo 1 > /proc/sys/kernel/modules_disabled

Since this feature now exists in the vanilla kernel by default, the grsecurity feature (and sysctl entry) have been removed.

-Brad

Re: Runtime module disabling support added by default to 2.6.31

PostPosted: Sun Oct 04, 2009 11:21 am
by specs
I allways thought the right way to do that would be

# sysctl kernel.modules_disabled=0
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/