On Fri, 2 Dec 2011 13:38:51 -0500
"John W. Linville" <linville(a)redhat.com> wrote:
As for the stated benefits... I'm skeptical of the security
argument.
I mean, I can believe that a module could get accidentally or
inadvertantly loaded and then exploited. I just think that closing
those holes is a better plan.
Unfortunately, network modules will be autoloaded if a program opens
a socket with that protocol. They've talked about securing that, but
it never happened.
And there is a long history of security bugs being found in the new
and/or infrequently-used modules.