[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] RE: Lcap
- Subject: Re: [cobalt-security] RE: Lcap
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 30 Jun 2003 06:38:52 -0700 (PDT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Mon, 30 Jun 2003, Jon wrote:
> After a reboot I load a basic hello.c script
>
> #define MODULE
> #include <linux/module.h>
> /* Loads the module in the kernel */
> int init_module(void)
> {
> printk("<1>Hello, world\n");
> return 0;
> }
> /* Removes a module from the kernel */
> void cleanup_module(void)
> {
> printk("<1>Goodbye cruel world\n");
> }
>
> This loads without complaint > Jun 30 09:43:04 ns2 kernel: Hello, world
>
> However after removing the kernel module then running /sbin/lcap CAP_SYS_MODULE
> kernel mods are no longer able to be installed.
Where are you putting the lcap command?
Is it the last line in /etc/rc.d/rc.local?
Are you sure it was loaded?
If you putit in rc.local, it won't activate without a reboot.
So when we install lcap we always put the command in rc.local
(so it will execute on reboot) and then execute it manually
to make it active in the current session.
Gerald
--
http://frontstreetnetworks.com | http://store.raqware.com
Front Street Networks LLC, 229 Front Street, Ste.#C
New Haven, CT 06513-3203 | phone: +1-203-785-0699