Re: [Security] [PATCH] kernel: make /proc/kallsyms mode 400 toreduce ease of attacking

From: Ingo Molnar
Date: Sun Nov 07 2010 - 07:13:18 EST

Next message: Toralf FÃrster: "Oops w/ 'Terratec Cinergy T USB XXS (HD)/ T3'"
Previous message: Jens Axboe: "Re: 2.6.36 io bring the system to its knees"
In reply to: Willy Tarreau: "Re: [Security] [PATCH] kernel: make /proc/kallsyms mode 400 to reduce ease of attacking"
Next in thread: Willy Tarreau: "Re: [Security] [PATCH] kernel: make /proc/kallsyms mode 400 to reduce ease of attacking"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Willy Tarreau <w@xxxxxx> wrote:

> [...]
>
> It's precisely because you're making a special case of the security bug that you
> want to hide bugs from user-space by cheating on version.

You claimed this for the second time and i'm denying it for the second time.

The goal of fuzzing the version inforation is _not_ to 'hide bugs from user-space by
cheating on version'. The goal is to introduce uncertainty to attackers, so that a
honeypot silent alarm can warn the admin.

Why are you putting words in my mouth?

Thanks,

Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Toralf FÃrster: "Oops w/ 'Terratec Cinergy T USB XXS (HD)/ T3'"
Previous message: Jens Axboe: "Re: 2.6.36 io bring the system to its knees"
In reply to: Willy Tarreau: "Re: [Security] [PATCH] kernel: make /proc/kallsyms mode 400 to reduce ease of attacking"
Next in thread: Willy Tarreau: "Re: [Security] [PATCH] kernel: make /proc/kallsyms mode 400 to reduce ease of attacking"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]