Hi, the work of the security team is very, very much appreciated! On Wed, Mar 05, 2014 at 08:03:01PM +0100, Moritz Muehlenhoff wrote: > * We're planning to request for hidepid to be enabled by default (to 1). > This will squash an entire class of information leaks. If you have any > comments or objections, please get in touch with us.
I looked at the docs and as I read them this would affect uid 0 as well. In this case tools like checkrestart and whatmaps wouldn't be able to detect mapped libraries anymore actually preventing security updates for running processes. Maybe excempting uid 0 would be good. Cheers, -- Guido -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140305195409.gb23...@bogon.m.sigxcpu.org