Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261199AbVDRSux (ORCPT ); Mon, 18 Apr 2005 14:50:53 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262160AbVDRSux (ORCPT ); Mon, 18 Apr 2005 14:50:53 -0400 Received: from vds-320151.amen-pro.com ([62.193.204.86]:18313 "EHLO vds-320151.amen-pro.com") by vger.kernel.org with ESMTP id S261199AbVDRSum (ORCPT ); Mon, 18 Apr 2005 14:50:42 -0400 Subject: [PATCH 0/7] procfs privacy From: Lorenzo =?ISO-8859-1?Q?Hern=E1ndez_?= =?ISO-8859-1?Q?Garc=EDa-Hierro?= To: "linux-kernel@vger.kernel.org" Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-7PkIN7kTsWfYeZ/KazZD" Date: Mon, 18 Apr 2005 20:46:16 +0200 Message-Id: <1113849977.17341.68.camel@localhost.localdomain> Mime-Version: 1.0 X-Mailer: Evolution 2.2.1.1 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2050 Lines: 71 --=-7PkIN7kTsWfYeZ/KazZD Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable As extracted from grsecurity's config. documentation: "non-root users will only be able to view their own processes, and restricts them from viewing network-related information, and viewing kernel symbol and module information." This is a procfs "privacy" split-up patch based in grsecurity procfs restrictions with some changes, more concretely, the restricted sections and entries are: - /proc/bus /pci - /proc/net - /proc/config.gz - /proc/kallsyms - /proc/ioports - /proc/iomem - /proc/devices - /proc/cmdline - /proc/version - /proc/uptime - /proc/cpuinfo - /proc/partitions - /proc/stat - /proc/interrupts - /proc/slabinfo - /proc/diskstats - /proc/modules - /proc/schedstat Signed-off-by: Lorenzo Hernandez Garcia-Hierro --- linux-2.6.11-lorenzo/drivers/pci/proc.c | 4 ++-- linux-2.6.11-lorenzo/fs/proc/base.c | 10 +++++++++- linux-2.6.11-lorenzo/fs/proc/proc_misc.c | 25 +++++++++++++------------ linux-2.6.11-lorenzo/fs/proc/root.c | 4 ++-- linux-2.6.11-lorenzo/kernel/configs.c | 2 +- linux-2.6.11-lorenzo/kernel/kallsyms.c | 2 +- linux-2.6.11-lorenzo/kernel/resource.c | 4 ++-- 7 files changed, 30 insertions(+), 21 deletions(-) --=20 Lorenzo Hern=E1ndez Garc=EDa-Hierro =20 [1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org] --=-7PkIN7kTsWfYeZ/KazZD Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQBCZAB4DcEopW8rLewRAvylAJ4sZ+S+8XQXw2r4s0iRABwBwUXaUQCgnayG Fqu2ci227cLUDsfpH5gbzWQ= =RVhI -----END PGP SIGNATURE----- --=-7PkIN7kTsWfYeZ/KazZD-- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/