Security
While loadable kernel modules are a convenient method of modifying the running kernel, this can be abused by attackers on a compromised system to prevent detection of their processes or files, allowing them to maintain control over the system. Many rootkits make use of LKMs in this way. Note that on most, if not all, operating systems, modules do not help privilege elevation in any way, as elevated privilege is required to load a LKM; they merely make it easier for the attacker to hide the break-in. (On OS X, a loadable kernel module in a kernel extension bundle can be loaded by non-root users if the OSBundleAllowUserLoad property is set to True in the bundle's property list; however, if any of the files in the bundle, including the executable code file, are not owned by root and group wheel, or are writable by the group or "other", the attempt to load the kernel loadable module will fail.)
Read more about this topic: Loadable Kernel Module
Famous quotes containing the word security:
“...I lost myself in my work and never felt that marriage would give me the security I wanted. I thought that through the trade union movement we working women could get better conditions and security of mind.”
—Mary Anderson (1872–1964)
“Our security depends on the Allied Powers winning against aggressors. The Axis Powers intend to destroy democracy, it is anathema to them. We cannot provide that aid if the public are against it; therefore, it is our responsibility to persuade the public that aid to the victims of aggression is aid to American security. I expect the members of my administration to take every opportunity to speak to this issue wherever they are invited to address public forums in the weeks ahead.”
—Franklin D. Roosevelt (1882–1945)
“The reins of government have been so long slackened, that I fear the people will not quietly submit to those restraints which are necessary for the peace and security of the community.”
—Abigail Adams (1744–1818)