On Mon, Sep 12, 2011 at 19:06 +0400, Cyrill Gorcunov wrote: > On Sat, Sep 10, 2011 at 08:41:34PM +0400, Vasiliy Kulikov wrote: > > Historically /proc/slabinfo has 0444 permissions and is accessible to > > the world. slabinfo contains rather private information related both to > > the kernel and userspace tasks. Depending on the situation, it might > > reveal either private information per se or information useful to make > > another targeted attack. Some examples of what can be learned by > > reading/watching for /proc/slabinfo entries: > > > ... > > Since this file is controversy point, probably its permissions might be > configurable via setup option? We could create DEBUG_PROC (of cource, defaults to =n) to keep current relaxed procfs permissions, but I don't think a configure option is needed for a thing which is trivially done via "chmod" in init scripts. -- Vasiliy Kulikov http://www.openwall.com - bringing security into open computing environments -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>