Re: [PATCH] Masking kernel commandline parameters (2.6.7)

From: Juergen Pabel
Date: Mon Aug 09 2004 - 13:12:36 EST

Next message: Jens Axboe: "Re: [PATCH 2/2] blk_queue_tags_resize_failure"
Previous message: Juergen Pabel: "Re: [PATCH] Masking kernel commandline parameters (2.6.7)"
In reply to: Andrew Morton: "Re: [PATCH] Masking kernel commandline parameters (2.6.7)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> In recent 2.6 kernels you can simply do a chmod on /proc/cmdline.

Interesting....still, you'd have to
- - chmod /proc/cmdline
- - chmod /var/log/boot.msg
- - klogctl: reset the kernel message ring buffer
- - ...anything else?

seem's like preventing such data from showing up in the first place would be
much more appropriate. Also, what if that data isn't even for root's eye's
(yes, I am security guy)?

jp
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBGBL/z6J7R+QJGuwRAhxQAJ9/NBCYiIrR+OiKwBaYtsgQzGS2zACgg7a4
OEESJ4MrRSHq/58HP/Tz/1E=
=sCuy
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jens Axboe: "Re: [PATCH 2/2] blk_queue_tags_resize_failure"
Previous message: Juergen Pabel: "Re: [PATCH] Masking kernel commandline parameters (2.6.7)"
In reply to: Andrew Morton: "Re: [PATCH] Masking kernel commandline parameters (2.6.7)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]