On Fri, Mar 04, 2011 at 13:27 -0800, Greg KH wrote: > On Fri, Mar 04, 2011 at 07:11:24PM +0300, Vasiliy Kulikov wrote: > > If /proc/sys/kernel/modules_disabled is set to 1, then nobody (even full > > root) may not read/write arbitrary kernel memory. In spite of it, > > hibernation allows anyone with an access to either /dev/snapshot or > > /sys/power/ make the full snapshot of the system. This snapshot may be > > freely changed and uploaded back. > > This sounds like a very unintentional change to the "don't load any > modules" option, right? If so, you should really document this > somewhere, otherwise people are going to get very confused when their > system suspends suddenly stop working for no obvious reason. Agreed, thank you. Is Documentation/sysctl/kernel.txt an appropriate place? -- Vasiliy Kulikov http://www.openwall.com - bringing security into open computing environments _______________________________________________ linux-pm mailing list linux-pm@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/linux-pm
