/boot/vmlinuz-* readable only by root, preventing userspace tools like libguestfs from using host kernel.
apw at canonical.com
Thu May 22 10:56:10 UTC 2014
On Thu, May 22, 2014 at 02:18:08AM -0700, John Johansen wrote:
> On 05/22/2014 01:24 AM, Robie Basak wrote:
> > This will probably want the attention of the kernel team for a reply, so
> > forwarding there. Is there maybe a security reason why it is arranged
> > this way? I note that System.map is the same.
> It was done deliberately to make it harder for an attacker to obtain
> information about the kernel (addresses of kernel symbols). However the
> actual value of doing this is nominal as an attacker can download the file
> and hard code the addresses within an exploit or have the exploit download
> the file itself, or use a service like ksymhunter.
Yes, this was done originally as a security measure to reduce exposure of
local addresses to make auto-exploit code much harder. It is not clear
how one balances that with the desire to use kernels in a VM as well.