On Mon, Apr 18, 2005 at 08:46:52PM +0200, Lorenzo Hernández García-Hierro wrote: > This patch changes the permissions of the following procfs entries to > restrict non-root users from accessing them: > > - /proc/devices > - /proc/cmdline > - /proc/version > - /proc/uptime > - /proc/cpuinfo
This is utterly absurd. You can find out anything thats in /proc/cpuinfo by calling cpuid instructions yourself. Please enlighten me as to what security gains we achieve by not allowing users to see this ? Restricting lots of the other files are equally absurd. I'd also be very surprised if various random bits of userspace broke subtley due to this nonsense. Dave - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/