Re: [PATCH 3/7] procfs privacy: misc. entries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Apr 18, 2005 at 08:46:52PM +0200, Lorenzo Hernández García-Hierro wrote:
 > This patch changes the permissions of the following procfs entries to
 > restrict non-root users from accessing them:
 > 
 >  - /proc/devices 
 >  - /proc/cmdline
 >  - /proc/version
 >  - /proc/uptime
 >  - /proc/cpuinfo

This is utterly absurd. You can find out anything thats in /proc/cpuinfo
by calling cpuid instructions yourself.
Please enlighten me as to what security gains we achieve
by not allowing users to see this ?

Restricting lots of the other files are equally absurd.

I'd also be very surprised if various random bits of userspace
broke subtley due to this nonsense.

		Dave

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux