[Asterisk-Dev] can ztdummy be used with a monolithic kernel? (2.6)
Rev. Jeffrey Paul
sneak at datavibe.net
Sat Aug 13 01:48:13 MST 2005
I am attempting to get MeetMe working on a machine using only IP for
trunks. This machine, for security reasons, has module support disabled
and is patched to disallow writing to /dev/mem or /dev/kmem (even by
root) to prevent unauthorized loading of code into kernelspace (which is
possible via these mechanisms even with modules disabled).
I am running 2.6.11, specifically, the gentoo hardened version (r13)
that includes grsecurity and cryptography support.
Is it possible to get ztdummy working as a timer source for asterisk in
such a configuration, or must I enable module support (and thus the huge
potential for an LKM backdoor in the event of a system compromise)?
Regards,
-j
--
--------------------------------------------------------
Rev. Jeffrey Paul -datavibe- sneak at datavibe.net
aim:x736e65616b pgp:0x40754B94 phone:877-748-3467
F3F7 FFB7 B966 3675 9170 5265 AD12 0474 4075 4B94
--------------------------------------------------------
More information about the asterisk-dev
mailing list