On Tue, 26 Aug 2008 08:52:05 -0500 Christoph Lameter <[EMAIL PROTECTED]> wrote:
> Arjan van de Ven wrote: > > > one useful test is to make sure it's off by default in production > > kernels (due to the security sensitive nature of leaking this info) > > It would have been nice if this was in debugfs as well not in proc > > /proc/vmallocinfo is only readable by root. If a user has already > gained root access then he already has lots of other opportunities to > do damage. > so which selinux context did you limit this file to? seriously; exposing kernel address space to userland is not good, root or not. And we go through relatively great length to make sure we don't do that in any default config. > -- If you want to reach me at my work email, use [EMAIL PROTECTED] For development, discussion and tips for power savings, visit http://www.lesswatts.org ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Ltp-list mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ltp-list
