On Mon, 12 Jun 2006 11:16:56 -0700, Evan Klitzke wrote:

> I have heard a security argument made that it is safer to compile
> everything into the kernel, and disable support for modules entirely.
> The reason for this is that if someone can load malicious modules on
> your system they can basically circumvent any security systems you are
> using, including things like SELinux and grsec.

This is only relevant is all your hardware can be supported by in-kernel
modules. Add one item that needs a 3rd party module and you are forced to
enable module loading.


-- 
Neil Bothwick

"Bother," said Pooh, as the vice squad took his GIFS