On Wed, 21 Sep 2011 21:05:27 +0400, Vasiliy Kulikov said: > Sorry, I've poorly worded my statement. Of course I mean root-only > slabinfo, not totally disable it. Oh, that I can live with.. ;) > Linus, Alan, Kees, and Dave are about to simply restrict slabinfo (and > probably similar interfaces) to root. Pekka is OK too. > > Christoph and Valdis are about to create new CONFIG_ option to be able > to restrict the access to slabinfo/etc., but with old relaxed > permissions. I'm OK with a decision to just make the files mode 400 and be done with it, since I can always stick a chmod in the startup scripts if it's *really* a problem. Just that *if* we add a CONFIG_ option, it shouldn't be slabinfo-specific, but should cover the *other* identified info-leakers in /proc and /sys as well.
Attachment:
pgp7NExbZqRNh.pgp
Description: PGP signature