[PATCH 0/1] [Maverick, Lucid SRU] LP#568844 -- allow reading of /proc/mmap_min_addr
Tim Gardner
tim.gardner at canonical.com
Tue May 4 17:02:49 UTC 2010
On 05/04/2010 05:45 PM, Andy Whitcroft wrote:
> A number of applications need to be able read mmap_min_addr in order to
> determine where they should map segments. The permissions on the proc file
> imply that read should be possible but read is prevented by capabilities.
> As it is possible for an attacker to determine the current setting by
> repeated attempts to map low pages pages there is no point protecting this
> information.
>
> The following patch has been submitted upstream and in the security-testing
> tree. Proposing this for Maverick and SRU to Lucid.
>
> -apw
>
> Kees Cook (1):
> UBUNTU: SAUCE: mmap_min_addr check CAP_SYS_RAWIO only for write
>
> security/min_addr.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list