Loadable Security Module

LSM (Loadable Security Module) is a very simple but effective intrusion prevention loadable kernel module. Current functionality involves protecting extended file attributes on ext2 from being modified by the super user and the module from being removed and other modules from being loaded. The basic protection also prevents access to raw devices, so debugfs can not be used on a disk partition nor can a change to the boot process occur. You will not be able to reconfigure lilo, if the module gets activated.