Re: [PATCH 0/7] procfs privacy

From: Lorenzo Hernández García-Hierro
Date: Mon Apr 18 2005 - 14:53:51 EST


El lun, 18-04-2005 a las 15:27 -0400, Rik van Riel escribió:
> The same "this forces people to run system monitoring tasks
> as root, potentially opening themselves up to security holes"
> comment applies to this patch.

That's because the patch is split up, those bits are on the proc_misc
one.

I agree, btw. ;)

Adding a "trusted user group"-like configuration option could be useful,
as it's done within grsecurity, among that the whole thing might be good
to depend on a config. option, but that implies using weird ifdef's and
the other folks.

Cheers,
--
Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]

Attachment: signature.asc
Description: This is a digitally signed message part