On Thu, Apr 25, 2024 at 09:51:56PM +0100, Matthew Wilcox wrote: > On Thu, Apr 25, 2024 at 04:45:51PM -0400, Kent Overstreet wrote: > > On Thu, Apr 25, 2024 at 01:08:50PM -0700, Kees Cook wrote: > > > The /proc/allocinfo file exposes a tremendous about of information about > > > kernel build details, memory allocations (obviously), and potentially > > > even image layout (due to ordering). As this is intended to be consumed > > > by system owners (like /proc/slabinfo), use the same file permissions as > > > there: 0400. > > > > Err... > > > > The side effect of locking down more and more reporting interfaces is > > that programs that consume those interfaces now have to run as root. > > sudo cat /proc/allocinfo | analyse-that-fie Even that is still an annoyance, but I'm thinking more about a future daemon to collect this every n seconds - that really shouldn't need to be root. And the "lock everything down" approach really feels like paranoia gone too far - what's next, /proc/cpuinfo? Do we really want to go the Windows approach of UAC pop ups for everything? I'd rather be going the opposite direction, of making it as easy as possible for users to see what's going on with their machine. Instead, why not a sysctl, like we already have for perf? The concern about leaking image layout could be addressed by sorting the output before returning to userspace.
