Re: [Security] [PATCH] kernel: make /proc/kallsyms mode 400 toreduce ease of attacking
From: Ingo Molnar
Date: Sun Nov 07 2010 - 07:13:18 EST
* Willy Tarreau <w@xxxxxx> wrote:
> [...]
>
> It's precisely because you're making a special case of the security bug that you
> want to hide bugs from user-space by cheating on version.
You claimed this for the second time and i'm denying it for the second time.
The goal of fuzzing the version inforation is _not_ to 'hide bugs from user-space by
cheating on version'. The goal is to introduce uncertainty to attackers, so that a
honeypot silent alarm can warn the admin.
Why are you putting words in my mouth?
Thanks,
Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/