Linux 101 : Security - Blacklisting kernel modules -

Dynamic modules allow the kernel to have extra capabilities.
For example, device drivers could be loaded when a new device gets added to the system.

The device driver's module gets unloaded as soon as we disconnect the device from the system.

We could also load modules manually using the below command:

To be able to see all the loaded modules, we use the below command:

To avoid that some modules get loaded into the kernel, we could "blacklist" them by placing their names in the below file:

For the above to take effect, we would need to reboot our machine, using the "shutdown" command as below:

Then we could check to see of our module is still loaded in the kernel using the below command:

On a modular kernel such as the Linux kernel, we can load modules when we need them, then unload them when they are not used anymore.


Leave as a comment: