oss-sec mailing list archives
Re: [Security] [oss-security] Re: /proc infoleaks
From: Andrew Morton <akpm () linux-foundation org>
Date: Tue, 7 Sep 2010 12:57:14 -0700
On Tue, 7 Sep 2010 12:46:56 -0700 Andrew Morton <akpm () linux-foundation org> wrote:
We're not going to change the kernel defaults, end of story - that would break far too much stuff.
That being said, it *might* be acceptable to obfuscate the kernel-side addresses. Still print them, but they're all zeroes. I doubt if many tools at all are actually using those. Perhaps a runtime knob which obfuscates those addresses for unprivileged users, something like that. That also being said, I'm not seeing any kernel-side addresses in slabinfo or zoneinfo anyway and I believe some distros already hide kallsyms. More specificity is needed.
Current thread:
- /proc infoleaks Sebastian Krahmer (Sep 07)
- Re: [Security] /proc infoleaks Andrew Morton (Sep 07)
- Re: [Security] /proc infoleaks Sebastian Krahmer (Sep 07)
- Re: Re: [Security] /proc infoleaks Marcus Meissner (Sep 07)
- Re: [Security] [oss-security] Re: /proc infoleaks Willy Tarreau (Sep 13)
- Re: [Security] /proc infoleaks Sebastian Krahmer (Sep 07)
- Re: Re: [Security] /proc infoleaks Jon Oberheide (Sep 07)
- Re: Re: [Security] /proc infoleaks Andrew Morton (Sep 07)
- Re: [Security] [oss-security] Re: /proc infoleaks Andrew Morton (Sep 07)
- Re: [Security] [oss-security] Re: /proc infoleaks Brad Spengler (Sep 07)
- Re: Re: [Security] [oss-security] Re: /proc infoleaks Sebastian Krahmer (Sep 07)
- Re: Re: [Security] [oss-security] Re: /proc infoleaks Brad Spengler (Sep 08)
- Re: [Security] /proc infoleaks Andrew Morton (Sep 07)
- Re: [Security] [oss-security] Re: /proc infoleaks Linus Torvalds (Sep 07)