Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262187AbVDRTvQ (ORCPT ); Mon, 18 Apr 2005 15:51:16 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262186AbVDRTvP (ORCPT ); Mon, 18 Apr 2005 15:51:15 -0400 Received: from vds-320151.amen-pro.com ([62.193.204.86]:39643 "EHLO vds-320151.amen-pro.com") by vger.kernel.org with ESMTP id S262187AbVDRTuz (ORCPT ); Mon, 18 Apr 2005 15:50:55 -0400 Subject: Re: [PATCH 3/7] procfs privacy: misc. entries From: Lorenzo =?ISO-8859-1?Q?Hern=E1ndez_?= =?ISO-8859-1?Q?Garc=EDa-Hierro?= To: Dave Jones Cc: "linux-kernel@vger.kernel.org" In-Reply-To: <20050418190552.GA26322@redhat.com> References: <1113850012.17341.71.camel@localhost.localdomain> <20050418190552.GA26322@redhat.com> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-GuZUekpa/UFf6TUTDfND" Date: Mon, 18 Apr 2005 21:39:36 +0200 Message-Id: <1113853176.17341.101.camel@localhost.localdomain> Mime-Version: 1.0 X-Mailer: Evolution 2.2.1.1 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1759 Lines: 53 --=-GuZUekpa/UFf6TUTDfND Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable El lun, 18-04-2005 a las 15:05 -0400, Dave Jones escribi=F3: > This is utterly absurd. You can find out anything thats in /proc/cpuinfo > by calling cpuid instructions yourself. Right, it doesn't make it worthy enough to represent any risk. > Please enlighten me as to what security gains we achieve > by not allowing users to see this ? It's more obscurity than anything else. At least that's what privacy means usually. It doesn't assure at all the unavailability of your information to others, it just tries to hide it from the public eye. > Restricting lots of the other files are equally absurd. >=20 > I'd also be very surprised if various random bits of userspace > broke subtley due to this nonsense. I agree, as an example, grsecurity allows the configuration of a group with rights over the restricted entries, that's why I split up the patch for these entries. Thanks for the comments. Cheers. --=20 Lorenzo Hern=E1ndez Garc=EDa-Hierro =20 [1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org] --=-GuZUekpa/UFf6TUTDfND Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQBCZAz4DcEopW8rLewRAgN0AKCf7GyqsmRESnM9uclx4uJ4QmUo6wCdESh9 8GJU3P1TsDVsRBTkwnyQx8M= =ejyB -----END PGP SIGNATURE----- --=-GuZUekpa/UFf6TUTDfND-- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/