lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <1283969866-4960-1-git-send-email-crquan@gmail.com>
Date:	Thu,  9 Sep 2010 02:17:46 +0800
From:	crquan@...il.com
To:	Mel Gorman <mel@....ul.ie>, akpm@...ux-foundation.org
Cc:	linux-kernel@...r.kernel.org
Subject: [PATCH] sysctl: change vm.drop_caches perm to 0200 to avoid misleading

From: Cheng Renquan <crquan@...il.com>

The original vm.drop_caches perm is 0644 that allows users to read
its current value, that is quite misleading, I read articles often
on that topic teaching people how to see its current value, and how
to change its value to 3; that would make readers to misunderstand
that varaiable works like a long time state variable, and have long
time effect after writing its value to 3:
http://www.penglixun.com/tech/system/manual_free_linux_memory.html

In fact, this value is for debugging purpose only, and only effect
while writing, means during writing its value to 3, the kernel would
reclaim pagecache and slabcache memory explicitly, it works for only
one time; so only its write permission is meaningful, reading that
var's current value is meaningless and quite misleading, and the best
way to stop misleading is to mark it as write only;

Signed-off-by: Cheng Renquan <crquan@...il.com>
---
 kernel/sysctl.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index ca38e8e..0e37e89 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -1126,7 +1126,7 @@ static struct ctl_table vm_table[] = {
 		.procname	= "drop_caches",
 		.data		= &sysctl_drop_caches,
 		.maxlen		= sizeof(int),
-		.mode		= 0644,
+		.mode		= 0200,
 		.proc_handler	= drop_caches_sysctl_handler,
 	},
 #ifdef CONFIG_COMPACTION
-- 
1.7.0.4

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ