[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20101130192152.GD5295@ucw.cz>
Date: Tue, 30 Nov 2010 20:21:52 +0100
From: Pavel Machek <pavel@....cz>
To: Marcus Meissner <meissner@...e.de>
Cc: Peter Zijlstra <a.p.zijlstra@...llo.nl>, tglx@...utronix.de,
mingo@...e.hu, akpm@...ux-foundation.org, rusty@...tcorp.com.au,
torvalds@...ux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] kernel/time: Make /proc/timer_list mode 0400
Hi!
> > > /proc/timer_list contains kernel addresses, like e.g.:
> > > #0: <c000000001404158>, tick_sched_timer, S:01, .tick_nohz_restart_sched_tick, swapper/0
> > > ...
> > >
> > > Avoid leaking them to user space to make writing kernel exploits a bit harder.
> > >
> > > (I currently cannot think of a userland tool that uses this, this is
> > > likely pretty much root-only.)
> >
> > iirc powertop parses this..
>
> powertop already says on startup:
>
> PowerTOP needs to be run as root to collect enough information
>
> And as developer tool it usually is for people having root access.
.....and now you are actively decreasing security.
Yes, developers usally have root access, but no, developers do not
like to work as root.
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists