On Thu, Apr 25, 2024 at 01:08:50PM -0700, Kees Cook wrote: > The /proc/allocinfo file exposes a tremendous about of information about > kernel build details, memory allocations (obviously), and potentially > even image layout (due to ordering). As this is intended to be consumed > by system owners (like /proc/slabinfo), use the same file permissions as > there: 0400. Err... The side effect of locking down more and more reporting interfaces is that programs that consume those interfaces now have to run as root. That's not what we want.
