• M
    kernel: make /proc/kallsyms mode 400 to reduce ease of attacking · 59365d13
    Marcus Meissner 提交于
    Making /proc/kallsyms readable only for root by default makes it
    slightly harder for attackers to write generic kernel exploits by
    removing one source of knowledge where things are in the kernel.
    
    This is the second submit, discussion happened on this on first submit
    and mostly concerned that this is just one hole of the sieve ...  but
    one of the bigger ones.
    
    Changing the permissions of at least System.map and vmlinux is also
    required to fix the same set, but a packaging issue.
    
    Target of this starter patch and follow ups is removing any kind of
    kernel space address information leak from the kernel.
    
    [ Side note: the default of root-only reading is the "safe" value, and
      it's easy enough to then override at any time after boot.  The /proc
      filesystem allows root to change the permissions with a regular
      chmod, so you can "revert" this at run-time by simply doing
    
        chmod og+r /proc/kallsyms
    
      as root if you really want regular users to see the kernel symbols.
      It does help some tools like "perf" figure them out without any
      setup, so it may well make sense in some situations.  - Linus ]
    Signed-off-by: NMarcus Meissner <meissner@suse.de>
    Acked-by: NTejun Heo <tj@kernel.org>
    Acked-by: NEugene Teo <eugeneteo@kernel.org>
    Reviewed-by: NJesper Juhl <jj@chaosbits.net>
    Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
    59365d13
kallsyms.c 12.9 KB