[PATCH 25/27] Lock down /proc/kcore
James Morris
james.l.morris at oracle.com
Sat Oct 21 02:11:34 UTC 2017
On Thu, 19 Oct 2017, David Howells wrote:
> Disallow access to /proc/kcore when the kernel is locked down to prevent
> access to cryptographic data.
>
> Signed-off-by: David Howells <dhowells at redhat.com>
Reviewed-by: James Morris <james.l.morris at oracle.com>
I have to wonder, though, after everything is locked down, how easy will
it be for new things to slip in which need to be included in the lockdown,
but are not.
--
James Morris
<james.l.morris at oracle.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list