On Wed, Jul 17, 2024 at 02:13:58PM +0300, Adrian Ratiu wrote: > This simple Kconfig option removes the FOLL_FORCE flag from > procfs write calls because it can be abused. For this to be available for general distros, I still want to have a bootparam to control this, otherwise this mitigation will never see much testing as most kernel deployments don't build their own kernels. A simple __ro_after_init variable can be used. In the future if folks want a more flexible version, we could make this a one-way per-process flag, like no_new_privs. -- Kees Cook
