Linux kernel: Disable Auto-Loading of Kernel Modules
Yesterday, I saw this email and I was like WTF?!
The patch is to simply comment out the MODULE_ALIAS_NETPROTO() macros of the RDS and ECONET protocols, but seriously… Is this a security patch?
What? Linux developers are too cool for a simple patch such as grsecurity’s MODHARDEN?
If someone was about to own a system using a local root on some exotic protocol family, he has probably done this before his bug was killed. So, the aim of this patch is to avoid other vulnerabilities in those two modules by completely disabling them. Then what’s the purpose of compiling them and keeping them in the Linux kernel?
I don’t like spender (and he doesn’t like me either), but that has nothing to do with his MODHARDEN patch, which is a very sane approach for a mitigation strategy against such vulnerabilities.
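MODULE_ALIAS_NETPROTO() gives a module a `net-pf-N` alias, and the kernel asks modprobe for that alias when socket() is called on a protocol family that is not registered yet. The script below is an added example, not part of the patch or of this post: it lists which protocol-family aliases modprobe would still resolve, going beyond RDS and ECONET to every `net-pf-N` entry. The function names are hypothetical, the sample data is constructed, and only `blacklist` and `install <mod> /bin/true|/bin/false` lines are treated as blocking.

```shell
#!/bin/sh
# Added example. Function names and sample data are hypothetical/constructed.

# blocked_modules DIR: modules neutralised in DIR/*.conf by "blacklist <mod>"
# or "install <mod> /bin/true|/bin/false". '-' and '_' are treated as equal,
# as modprobe does for module names.
blocked_modules() {
    cat "$1"/*.conf 2>/dev/null | awk '
        $1 == "blacklist" { print $2 }
        $1 == "install" && ($3 == "/bin/true" || $3 == "/bin/false") { print $2 }
    ' | sed 's/-/_/g' | sort -u
}

# autoloadable_families ALIAS_FILE DIR: print "<family> <module>" for every
# "alias net-pf-N <module>" line whose module is not blocked in DIR.
autoloadable_families() {
    blocked=$(blocked_modules "$2")
    awk '$1 == "alias" && $2 ~ /^net-pf-[0-9]+$/ {
             sub(/^net-pf-/, "", $2); print $2, $3 }' "$1" |
    while read -r fam mod; do
        norm=$(printf '%s\n' "$mod" | sed 's/-/_/g')
        printf '%s\n' "$blocked" | grep -qxF -- "$norm" || echo "$fam $mod"
    done
}

# Demo on constructed input: 19 = ECONET, 21 = RDS, 10 = IPv6.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'alias net-pf-19 econet' 'alias net-pf-21 rds' \
        'alias net-pf-10 ipv6' 'alias net-pf-2-proto-132 sctp' > "$d/modules.alias"
    printf '%s\n' '# constructed policy' 'install econet /bin/true' > "$d/harden.conf"
    autoloadable_families "$d/modules.alias" "$d"
    rm -rf "$d"
}
demo
```

On a real system, call `autoloadable_families "/lib/modules/$(uname -r)/modules.alias" /etc/modprobe.d`. Only that one configuration directory is read.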