Re: [PATCH] kernel: make /proc/kallsyms mode 400 to reduce ease ofattacking

From: Tejun Heo
Date: Thu Nov 04 2010 - 10:49:28 EST


Hello,

On 11/04/2010 03:43 PM, H. Peter Anvin wrote:
>> We already have relocatable kernel for kdump and IIRC it doesn't add
>> runtime overhead, so putting the kernel at random address shouldn't be
>> too difficult. Not sure how useful that would be tho.
>
> It's very coarse-grained relocation, which is why it works.

Yeah, I recall reading the fairly simple relocator somewhere in the
x86 tree. Would it be impossible/difficult to improve it?

> P.S. It's not just for kdump anymore.

Ah, didn't know that either.

Thanks.

--
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/