On Fri, Nov 02, 2012 at 05:22:41PM +0100, Jiri Kosina wrote: > On Fri, 2 Nov 2012, Vivek Goyal wrote: > > > > > "crash" utility has module which allows reading kernel memory. So leaking > > > > this private key will be easier then you are thinking it to be. > > > > > > That's not upstream, right? > > > > Yes, checked with Dave, it is not upstream. Well, still it is a concern > > for distro kernel. > > Well, that's about /dev/crash, right? Yes, I was talking about /dev/crash. > > How about /proc/kcore? Yes, we will have to lock down /proc/kcore too if we go the private key solution way. Thanks Vivek -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
