Module Name: src
Committed By: maxv
Date: Sat Jul 21 07:46:56 UTC 2018
Modified Files:
src/etc: MAKEDEV.tmpl
Log Message:
Create /dev/ksyms as "440 $g_kmem". This prevents unprivileged users from
reading the kernel symbols. Discussed in January 2018 on tech-kern@,
reported by maya@, tested by tih@.
To generate a diff of this commit:
cvs rdiff -u -r1.190 -r1.191 src/etc/MAKEDEV.tmpl
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/MAKEDEV.tmpl
diff -u src/etc/MAKEDEV.tmpl:1.190 src/etc/MAKEDEV.tmpl:1.191
--- src/etc/MAKEDEV.tmpl:1.190 Sun May 20 14:08:33 2018
+++ src/etc/MAKEDEV.tmpl Sat Jul 21 07:46:56 2018
@@ -1,5 +1,5 @@
#!/bin/sh -
-# $NetBSD: MAKEDEV.tmpl,v 1.190 2018/05/20 14:08:33 thorpej Exp $
+# $NetBSD: MAKEDEV.tmpl,v 1.191 2018/07/21 07:46:56 maxv Exp $
#
# Copyright (c) 2003,2007,2008 The NetBSD Foundation, Inc.
# All rights reserved.
@@ -940,7 +940,7 @@ std)
mkdev full c %mem_chr% 11 666
mkdev zero c %mem_chr% 12 666
mkdev klog c %log_chr% 0 600
- mkdev ksyms c %ksyms_chr% 0 444
+ mkdev ksyms c %ksyms_chr% 0 440 $g_kmem
mkdev random c %rnd_chr% 0 444
mkdev urandom c %rnd_chr% 1 644
if ! $fdesc_mounted; then
