Change the Linux default security level with an LKM


The Linux default security level is 0; raising it to 1 improves the security of the system to some extent. At security level 1, the kernel disallows changing the immutable and append-only bits of files on ext2 filesystems, and also prohibits loading and removing modules. So we can first use chattr +i <file> to add the immutable bit to most executables, dynamic link libraries, and some important system files (inetd.conf, securetty, hosts.allow, hosts.deny, the startup scripts under rc.d ...). This makes it difficult for a "hacker" to plant a Trojan horse on your machine or leave a back door, even with root privileges. (Of course, the files can still be modified by reading and writing the hard disk directly, but that is more cumbersome and dangerous.)

Once hackers have entered the system and obtained root, the first thing they do is clean the system's log files. You can add the append-only bit to some system log files (wtmp, messages, syslog ...) so that "hackers" cannot easily modify them. That makes catching them much easier. :-)
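
A way to verify that the flags described above are actually in place, as an added example that is not part of the original article: it reads each file's inode flags with the ioctl that lsattr uses and reports files missing the expected bit. The path list is an assumption, and the modern names FS_IOC_GETFLAGS, FS_IMMUTABLE_FL and FS_APPEND_FL are used; the ext2 header of the article's kernels calls them EXT2_IOC_GETFLAGS, EXT2_IMMUTABLE_FL and EXT2_APPEND_FL.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include <linux/fs.h>   /* FS_IOC_GETFLAGS, FS_IMMUTABLE_FL, FS_APPEND_FL */

/* Does the inode flag word carry the expected protection bit? */
int flag_set(int flags, int wanted_bit)
{
    return (flags & wanted_bit) != 0;
}

/* Returns 1 if wanted_bit is set on path, 0 if it is missing, and -1 if
 * the file cannot be opened or the filesystem does not support the flags. */
int audit_flag(const char *path, int wanted_bit)
{
    int flags = 0, rc;
    int fd = open(path, O_RDONLY | O_NONBLOCK);

    if (fd < 0)
        return -1;
    rc = ioctl(fd, FS_IOC_GETFLAGS, &flags);
    close(fd);
    return rc < 0 ? -1 : flag_set(flags, wanted_bit);
}

/* Constructed check list following the article: configuration files should
 * be immutable, log files append-only. The paths are assumptions. */
static const struct { const char *path; int bit; const char *name; } checks[] = {
    { "/etc/inetd.conf",   FS_IMMUTABLE_FL, "immutable"   },
    { "/etc/hosts.allow",  FS_IMMUTABLE_FL, "immutable"   },
    { "/var/log/wtmp",     FS_APPEND_FL,    "append-only" },
    { "/var/log/messages", FS_APPEND_FL,    "append-only" },
};

int main(void)
{
    size_t i;
    int bad = 0;
    for (i = 0; i < sizeof checks / sizeof checks[0]; i++) {
        int r = audit_flag(checks[i].path, checks[i].bit);
        if (r != 1) {
            printf("%s: %s%s\n", checks[i].path,
                   r == 0 ? checks[i].name : "cannot read flags",
                   r == 0 ? " bit missing" : "");
            bad++;
        }
    }
    return bad ? 1 : 0;   /* non-zero exit when anything is unprotected */
}
```
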

The more direct way to change the security level is to modify the kernel source: set securelevel to 1 in linux/kernel/sched.c. But then every change of the security level requires recompiling the kernel, and I'm too lazy for that trouble. :-) Why not use a module? I wrote a very simple lkm and a client program to switch the security level.

Usage: insmod lkm; clt -h

Note: ordinary users can also run clt to switch the security level, so it is best to add password checking to clt and lkm and refuse to run if the password is not correct. :-)
The two programs were compiled and run on Redhat 5.2 (2.0.36). In the 2.2.x kernel, securelevel has become securebits; simply setting it to 1 bans even setuid(), so ordinary users can no longer log in. If anyone is familiar with 2.2.x, please do not hesitate to enlighten me so that we can improve this together. :)
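
One way to add the check the note above asks for, as an added example that is not the author's code: a user-space model of a gated handler that changes the level only when the caller supplies the right password, compared in constant time. The names secureswitch_checked, ct_equal, PW_MAX and SWITCH_SECRET and the secret value are hypothetical; in the module the password would first have to be copied in from user space.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

#define PW_MAX 32   /* upper bound on the password length (assumption) */
static const char SWITCH_SECRET[] = "constructed-demo-secret"; /* constructed */

static int securelevel = 0;   /* stands in for the kernel variable */

/* Compare n bytes without an early exit, so the time taken does not
 * reveal how many leading bytes of a guess were correct. */
static int ct_equal(const unsigned char *a, const unsigned char *b, size_t n)
{
    unsigned char diff = 0;
    size_t i;

    for (i = 0; i < n; i++)
        diff |= a[i] ^ b[i];
    return diff == 0;
}

/* Gated variant of sys_secureswitch(): returns the resulting level,
 * -EINVAL for a level other than 0 or 1, or -EPERM (level untouched)
 * when the password is missing, too long or wrong. */
int secureswitch_checked(int secure, const char *pw, size_t pwlen)
{
    unsigned char given[PW_MAX] = {0}, want[PW_MAX] = {0};
    size_t secret_len = sizeof(SWITCH_SECRET) - 1;
    int ok;

    if (secure != 0 && secure != 1)
        return -EINVAL;
    if (pw == NULL || pwlen == 0 || pwlen > PW_MAX)
        return -EPERM;

    /* Pad both values to PW_MAX so the comparison length is fixed. */
    memcpy(given, pw, pwlen);
    memcpy(want, SWITCH_SECRET, secret_len);
    ok = ct_equal(given, want, PW_MAX) & (pwlen == secret_len);
    if (!ok)
        return -EPERM;

    securelevel = secure;
    return securelevel;
}
```

A secret compiled into the module can be read by anyone who can read the module file, so the file's permissions matter as much as the check itself.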

<Before you test these programs, back up your important data. I am not responsible for any loss caused by running them.>

(Once securelevel=1, the kernel will not allow modules to be loaded, so your kerneld may not work properly. It also prohibits access to /dev/kmem, so some programs that use svgalib, such as zgv, will not work properly. But those are inherently a security risk, so it is just as well that they do not work, hehe.)
(For chattr and lsattr, see man chattr and man lsattr.)

warning3@hotmail.com

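/**************************** lkm.c ********************************/

/* Simple lkm to secure Linux.
 * This module can be used to change the securelevel of Linux.
 * Running the client will switch the securelevel.
 *
 * gcc -O3 -Wall -c lkm.c
 * insmod lkm
 *
 * It is tested in Redhat 5.2 (2.0.36).
 * (It should be modified if you want to run it in a 2.2.x kernel.)
 * It is really very simple, but it is just for educational purposes. :-)
 *
 * warning3@hotmail.com
 */

#define MODULE
#define __KERNEL__

#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/sched.h>

/* Slot in sys_call_table used for the new system call. Placeholder value:
 * use any slot your kernel leaves unused, and the same value in clt.c. */
#define __NR_secureswitch 250

extern void *sys_call_table[];
extern int securelevel;         /* defined in linux/kernel/sched.c */

/* New system call: set securelevel to 0 or 1 and return the current level.
 * Any other argument leaves the level unchanged. There is no check on who
 * the caller is, so any user can switch the level (see the note above). */
int sys_secureswitch (int secure)
{
    if (secure == 0) securelevel = 0;
    if (secure == 1) securelevel = 1;
    return securelevel;
}

/* Install the handler in the chosen slot when the module is loaded. */
int init_module (void)
{
    sys_call_table[__NR_secureswitch] = (void *) sys_secureswitch;
    return 0;
}

/* Clear the slot again when the module is removed. */
void cleanup_module (void)
{
    sys_call_table[__NR_secureswitch] = NULL;
    return;
}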


/************************ clt.c **************************/

/*
 * This client can switch the secure level of Linux.
 *
 * gcc -O3 -Wall -o clt clt.c
 * usage: clt -h/-l
 *   -h  switch to the high secure level.
 *   -l  switch to the low secure level.
 *
 * most of codes are ripped from Smiler@tasam.com, thanks Smiler. :)
 * warning3@hotmail.com
 */

#include <stdio.h>
#include <stdlib.h>
#include <errno.h>          /* errno is set by the _syscall1 stub */
#include <linux/unistd.h>   /* _syscall1 */

/* Must match the slot registered by lkm.c (placeholder value). */
#define __NR_secureswitch 250

/* Generate the user-space stub secureswitch(int command). */
static inline _syscall1 (int, secureswitch, int, command);

int main (int argc, char **argv)
{
    int ret, level = 0;

    /* Require an argument of the form -h or -l. */
    if (argc < 2 || argv[1][0] != '-')
    {
        fprintf (stderr, "Usage:%s [-h/-l]\n", argv[0]);
        exit (-1);
    }

    if (argv[1][1] == 'h') level++;
    else if (argv[1][1] != 'l')
    {
        fprintf (stderr, "Usage:%s [-h/-l]\n", argv[0]);
        exit (-1);
    }

    /* The stub returns -1 when the slot is empty, i.e. lkm is not loaded. */
    ret = secureswitch (level);
    if (ret < 0)
        printf ("Hmmm... It seemed that our lkm hasn't been loaded. ;-)\n");
    else {
        if (ret == 0) {
            puts ("Now the secure level is changed to 0!\n");
        } else {
            puts ("Now the secure level is changed to 1!\n");
        }
    }

    /* Exit status 0 on success, 1 when the call failed. */
    return (ret < 0 ? 1 : 0);
}


(Source: Viphot)
