Re: Security: information leaks in /proc enable keystroke recovery

From: David Wagner
Date: Sat Aug 15 2009 - 20:53:42 EST

Next message: Manfred Spraul: "[PATCH 3/4] ipc/sem.c: optimize single semop operations"
Previous message: Tejun Heo: "Re: [PATCH] poll/select: initialize triggered field of struct poll_wqueues"
In reply to: Theodore Tso: "Re: Security: information leaks in /proc enable keystroke recovery"
Next in thread: Theodore Tso: "Re: Security: information leaks in /proc enable keystroke recovery"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Theodore Tso wrote:
> A configuration option which defaults to disabling ESP and EIP would
> be a simple way to prevent this specific instance of information
> leakage. The problem is there are other files that might reveal
> timing information, but which are very useful for a system
> administrator. A key example of this is /proc/$pid/wchan, which is
> responsible for the WCHAN column is a ps listing.

If they're useful for system administrators, would making them
readable to root (but not everyone) be enough?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Manfred Spraul: "[PATCH 3/4] ipc/sem.c: optimize single semop operations"
Previous message: Tejun Heo: "Re: [PATCH] poll/select: initialize triggered field of struct poll_wqueues"
In reply to: Theodore Tso: "Re: Security: information leaks in /proc enable keystroke recovery"
Next in thread: Theodore Tso: "Re: Security: information leaks in /proc enable keystroke recovery"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]