[Bug 55804] Re: /proc/kcore not openable
Matthias Kretz
kretz at kde.org
Thu Aug 10 14:47:49 UTC 2006
> in general, this does not need to be available
What defines the need? I had a need for /proc/kcore yesterday and I had
the need before.
> exposes memory that could contain very sensitive data
Yes it does. But it's only exposed to the root user. And the root user
can do anything to the system. Where's the added security in crippling
/proc/kcore (and /dev/mem)?
I'm not convinced disabling /proc/kcore adds security. It might make it
a little harder for an attacker that got root rights to get to sensitive
information but it won't prevent it in any case. On the other hand it
disallows legitimate use of it and therefore cripples the system in an
unnecessary way.
I guess from now on I have to patch and recompile the kernel everytime
Ubuntu releases a new image ;-(
--
/proc/kcore not openable
https://launchpad.net/bugs/55804
More information about the kernel-bugs
mailing list