[PATCH 5/7] procfs privacy: /proc/config.gz

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch changes the permissions of the procfs entry config.gz, thus,
non-root users are restricted from accessing it.

It's also available at:
http://pearls.tuxedo-es.org/patches/security/proc-privacy-1_kernel_configs.c.patch

-- 
Lorenzo Hernández García-Hierro <[email protected]> 
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
diff -puN kernel/configs.c~proc-privacy-1 kernel/configs.c
--- linux-2.6.11/kernel/configs.c~proc-privacy-1	2005-04-17 18:04:39.281600856 +0200
+++ linux-2.6.11-lorenzo/kernel/configs.c	2005-04-17 18:05:33.478361696 +0200
@@ -89,7 +89,7 @@ static int __init ikconfig_init(void)
 	struct proc_dir_entry *entry;
 
 	/* create the current config file */
-	entry = create_proc_entry("config.gz", S_IFREG | S_IRUGO,
+	entry = create_proc_entry("config.gz", S_IFREG | S_IRUSR,
 				  &proc_root);
 	if (!entry)
 		return -ENOMEM;

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux