Re: [RFC Patch] kcore: restrict access to the whole memory

From: Eugene Teo
Date: Thu Dec 23 2010 - 09:40:01 EST

Next message: Jeff Moyer: "Re: Slow disks."
Previous message: Matthew Garrett: "Re: [PATCH 6/6] cpufreq: Evaluate P1 before enter turbo mode"
In reply to: Cong Wang: "Re: [RFC Patch] kcore: restrict access to the whole memory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/23/2010 06:01 PM, Cong Wang wrote:

ä 2010å12æ23æ 07:02, Andrew Morton åé:
On Wed, 22 Dec 2010 19:21:59 +0800
Amerigo Wang<amwang@xxxxxxxxxx> wrote:

This patch restricts /proc/kcore from accessing the whole memory,
instead, only an ELF header can be read.

The initial patch was done by Vivek.

Getting a bit tired of this.

Are we supposed to be mind-readers? How else are we to work out why
you think Linux needs this feature? What problems it solves? What
applications are expected to break and what the breakage patterns are?
Why the benefits are worth the maintenance costs and the risk of
breakage? Why it's done with a config option and not a boot-time or
runtime tunable?

As opposed to /dev/{mem,kmem}, /proc/kcore is read-only. It is meant to be a preventive measure to disallow privileged users from reading the kcore file beyond the ELF headers as it can contain sensitive information. This is based on a patch that we have been carrying in Red Hat Enterprise Linux 5 for a few years. I believe other distributions also have similar restrictions.

Thanks, Eugene

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jeff Moyer: "Re: Slow disks."
Previous message: Matthew Garrett: "Re: [PATCH 6/6] cpufreq: Evaluate P1 before enter turbo mode"
In reply to: Cong Wang: "Re: [RFC Patch] kcore: restrict access to the whole memory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]