Re: [PATCH] lib/vsprintf: make-printk-non-secret printks all addresses as unhashed
From: Timur Tabi
Date: Thu Feb 04 2021 - 17:21:33 EST
On 2/4/21 4:17 PM, Kees Cook wrote:
It's just semantics. Printing addresses DOES weaken the security of a
system, especially when we know attackers have and do use stuff from dmesg
to tune their attacks. How about "reduces the security of your system"?
I think we're bikeshedding now, but I can replace "compromise" with
"reduce".
"Kernel memory addresses are exposed, which may reduce the security of
your system."