> This program disables and open and ioctl of /dev/vd thus > blocking modload and modstat from from funtioning. The > use of this is to disable people (crackers) from installing > "unwanted" drivers. As far as SunOS 4.1.X security is concerned, you are probably better off disabling loadable modules altogether by commenting out the options VDDRV # loadable modules line in the kernel configuration and linking in the loadable modules that you want in a permanent fashion, as though they were ordinary device-driver object files. Also, once you've done this, you can delete (or at least de-suid) /usr/kvm/modload. I haven't tried this with evqmod-sun4*.o or winlock-sun4*.o, (I don't use them, though I would be interested in experiences). However, I have done it with a frame-buffer loadable module, and in general it should work unless the module has been written such that the act of loading/unloading does something that would be traditionally associated with first opens or last closes. -- Jeff Smith, Computer Science, Warwick University, Coventry, CV4 7AL, England jeff@dcs.warwick.ac.uk phone: +44 203 523485 fax: +44 203 525714