On Mon, May 02, 2005 at 11:11:11AM +0200, Nicolas Costes wrote:
> On Friday 29 April 2005 21:53, Oliver Dietz wrote:
> > ok, let's do some brainstorming (comment: i'm no vserver specialist nor
> > can i write programs on linux):
>
> > [OK] Checking proc-fs [WARN]
> > found kmem-entry [...]
>
> Talking about that, I checked /proc on one of my vservers... Is this line
> a good thing ? Is it a potential security issue ?

usually (i.e. after vprocunhide) you have something like:

$ chcontext --ctx 100 ls /proc/
New security context is 100
1        devices      iomem       loadavg  mounts  slabinfo  sysvipc
85       execdomains  ioports     locks    net     stat      tty
cmdline  filesystems  kcore       meminfo  pci     swaps     uptime
cpuinfo  interrupts   kmsg        misc     self    sys       version

which looks a little _insecure_ at first glance, but if you look
a little closer ...

$ chcontext --ctx 100 --secure wc /proc/kcore
New security context is 100
wc: /proc/kcore: Operation not permitted

which should be sufficient, of course, you can always hide
that entry too, given that your userspace doesn't look for it ...

HTH,
Herbert

> # ls -l /proc
> -r-------- 1 root root 939528192 mai 2 11:04 kcore
>
> Note: I have 1Gb ram on this box...
>
> --
>  ,,
> (°>    Nicolas Costes
> /|\    IUT de La Roche / Yon
> ( ^ )  Public key: http://www.keyserver.net/
>  ^ ^   Free music: http://www.magnatune.com/
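The distinction made in the reply above (an entry can be listed in a guest's /proc and still refuse to open), as an added example that is not part of the original thread. The function names audit_proc and audit_proc_entry are hypothetical; the script is meant to be run inside the guest context and only attempts to open each entry, never to read from it.

```shell
#!/bin/sh
# Added example (not from the thread): classify sensitive /proc entries
# as seen from the context this script runs in.
#   hidden   - entry is not visible at all
#   blocked  - entry is listed, but opening it for reading is refused
#   readable - entry is listed and can be opened: worth investigating

# audit_proc_entry ROOT NAME -> prints hidden | blocked | readable
audit_proc_entry() {
    path="$1/$2"
    if [ ! -e "$path" ]; then
        echo hidden
    # Open only, in a subshell so a refused open cannot abort the caller.
    # Nothing is read, so kmsg is neither drained nor waited on.
    elif ( : < "$path" ) 2>/dev/null; then
        echo readable
    else
        echo blocked
    fi
}

# audit_proc [ROOT] -> one line per entry; returns 1 if any is readable
audit_proc() {
    root="${1:-/proc}"
    status=0
    # kcore and kmsg appear in the listing above, kmem in the quoted warning
    for name in kcore kmem kmsg; do
        state=$(audit_proc_entry "$root" "$name")
        printf '%-6s %s\n' "$name" "$state"
        [ "$state" = readable ] && status=1
    done
    return "$status"
}

# Usage inside a guest:  audit_proc /proc
```

With the setup shown in the thread, kcore would be expected to come out as "blocked" rather than "hidden".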
