[kernel-sec-discuss] r2099 - active
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Dec 14 02:06:24 UTC 2010
Author: gilbert-guest
Date: 2010-12-14 02:06:21 +0000 (Tue, 14 Dec 2010)
New Revision: 2099
Added:
active/CVE-2010-kallsyms-permissions-should-be-400
Log:
new issue
Added: active/CVE-2010-kallsyms-permissions-should-be-400
===================================================================
--- active/CVE-2010-kallsyms-permissions-should-be-400 (rev 0)
+++ active/CVE-2010-kallsyms-permissions-should-be-400 2010-12-14 02:06:21 UTC (rev 2099)
@@ -0,0 +1,16 @@
+Candidate: needed
+Description:
+ /proc/kallsyms should have mode 400
+References:
+ http://thread.gmane.org/gmane.linux.kernel/1063039/focus=1068360
+Notes:
+ restrictions were added to the kernel, then dropped due to a regression, and
+ then an alternative approach was proposed, but it doesn't seem to be accepted.
+ perhaps this is better handled via startup scripts. in any case, its low
+ priority since its just info leaks.
+Bugs:
+upstream:
+2.6.32-upstream-stable:
+linux-2.6:
+2.6.26-lenny-security:
+2.6.32-squeeze-security:
More information about the kernel-sec-discuss
mailing list