Re: [Security] [PATCH] kernel: make /proc/kallsyms mode 400 toreduce ease of attacking

From: Ingo Molnar
Date: Sun Nov 07 2010 - 07:51:26 EST



* Willy Tarreau <w@xxxxxx> wrote:

> > All must be closed down for unprivileged user-space, for this to be effective,
> > obviously.
>
> This would only be effective against finding a precise version. [...]

I'm glad that you agree with my point.

> [...] There's no need for that, what you want is to hide kernel pointers, [...]

That's a new claim from you - and when put like that it's wrong too: if the goal is
to introduce risk of detection to attackers (which i suggested to be an efficient
security measure), then hiding/fuzzing version information is an essential/needed
piece of such a measure, not something for which there is 'no need'.

Hiding the address of kernel data/code structures is another piece of such a larger
goal. Btw., as i argued it to Marcus already, hiding /proc/kallsyms will not hide
these addresses on the vast majority of Linux systems, and that the patch would only
cure the symptom, not the cause:

|
| But without actually declaring and achieving that sandboxing goal this security
| measure is just a feel-good thing really [...]
|

Anyway, i wasnt particularly successful in conveying my past arguments to you so i'd
rather leave the discussion at this point. You made your points and i made my points
as well.

Thanks,

Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/