[PATCH 0/7] procfs privacy

From: Lorenzo Hernández García-Hierro
Date: Mon Apr 18 2005 - 13:52:40 EST


As extracted from grsecurity's config. documentation: "non-root
users will only be able to view their own processes, and restricts
them from viewing network-related information, and viewing kernel
symbol and module information."

This is a procfs "privacy" split-up patch based on grsecurity procfs
restrictions with some changes. More concretely, the restricted sections
and entries are:

- /proc/bus/pci
- /proc/net
- /proc/config.gz
- /proc/kallsyms
- /proc/ioports
- /proc/iomem
- /proc/devices
- /proc/cmdline
- /proc/version
- /proc/uptime
- /proc/cpuinfo
- /proc/partitions
- /proc/stat
- /proc/interrupts
- /proc/slabinfo
- /proc/diskstats
- /proc/modules
- /proc/schedstat

Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@xxxxxxx>
---

linux-2.6.11-lorenzo/drivers/pci/proc.c | 4 ++--
linux-2.6.11-lorenzo/fs/proc/base.c | 10 +++++++++-
linux-2.6.11-lorenzo/fs/proc/proc_misc.c | 25 +++++++++++++------------
linux-2.6.11-lorenzo/fs/proc/root.c | 4 ++--
linux-2.6.11-lorenzo/kernel/configs.c | 2 +-
linux-2.6.11-lorenzo/kernel/kallsyms.c | 2 +-
linux-2.6.11-lorenzo/kernel/resource.c | 4 ++--
7 files changed, 30 insertions(+), 21 deletions(-)

--
Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]

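
A way to check, from an unprivileged shell, which of the entries listed in the message above are still open to other users. This is an added example, not part of the patch series or of grsecurity; the function name `audit_procfs`, its optional root argument and the assumption that the restriction shows up in the entries' mode bits are the example's own.

```shell
#!/bin/sh
# Entries the cover letter lists as restricted, relative to the procfs root.
RESTRICTED_ENTRIES="bus/pci net config.gz kallsyms ioports iomem devices
cmdline version uptime cpuinfo partitions stat interrupts slabinfo
diskstats modules schedstat"

# audit_procfs [ROOT]   (hypothetical helper; ROOT defaults to /proc)
# Prints one line per listed entry:
#   open <path>        "other" may read it (or search it, for a directory)
#   restricted <path>  no read/search permission for "other"
#   absent <path>      entry does not exist on this kernel/configuration
# Returns 0 when no listed entry is open to "other", 1 otherwise.
audit_procfs() {
    root=${1:-/proc}
    open=0
    for entry in $RESTRICTED_ENTRIES; do
        path=$root/$entry
        if [ ! -e "$path" ] && [ ! -L "$path" ]; then
            echo "absent $path"
            continue
        fi
        # Columns 8-10 of the ls mode string are the "other" rwx bits.
        # -L follows symlinks (on current kernels /proc/net is one).
        other=$(ls -ldL -- "$path" 2>/dev/null | cut -c8-10)
        case $other in
            r??|??x) echo "open $path"; open=1 ;;
            *)       echo "restricted $path" ;;
        esac
    done
    return $open
}

# Usage: audit_procfs            (audits /proc)
#        audit_procfs /some/dir  (audits a copy or test tree)
```

Mode bits only describe what the kernel advertises; an entry can also refuse reads in its open handler, so an "open" line is a prompt to try reading it as the unprivileged user, not proof of exposure.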