Re: [kernel-hardening] Re: [RFC PATCH 2/2] mm: restrict access to /proc/slabinfo
From: Valdis . Kletnieks
Date: Mon Sep 19 2011 - 15:46:41 EST
On Mon, 19 Sep 2011 18:46:58 +0400, Vasiliy Kulikov said:
> One note: only to _kernel_ developers. It means it is a strictly
> debugging feature, which shouldn't be enabled in the production systems.
Until somebody at vendor support says "What does 'cat /proc/slabinfo' say?"
Anybody who thinks that debugging tools should be totally disabled on
"production" systems probably hasn't spent enough time actually
running production systems.
Attachment:
pgp00000.pgp
Description: PGP signature