[$] Restricting automatic kernel-module loading

The kernel's module mechanism allows the building of a kernel with a widerange of hardware and software support without requiring that all of thatcode actually be loaded into any given running system. The availability of all ofthose modules in a typical distributor kernel means that a lot of featuresare available - but also, potentially, a lot of exploitable bugs. Therehave been numerous cases where the kernel's automatic module loader hasbeen used to bring buggy code into a running system. An attempt to reducethe kernel's exposure to buggy modules shows how difficult some kinds ofhardening work can be.