Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 30 Oct 2011 18:09:40 +0100
From: richard -rw- weinberger <>
To: Arnd Bergmann <>
Cc: Vasiliy Kulikov <>,,, 
	Andrew Morton <>, Greg Kroah-Hartman <>, 
	"David S. Miller" <>
Subject: Re: [RFC 0/5 v4] procfs: introduce hidepid=, hidenet=, gid= mount options

On Thu, Jun 16, 2011 at 12:40 PM, Arnd Bergmann <> wrote:
> On Thursday 16 June 2011, Vasiliy Kulikov wrote:
>> > I have no opinion on whether it's a good idea to include the feature or not.
>> Why not?  Have you some specific complains where it can be perhaps too
>> strong/insufficient/non-configurable?
> No, not at all. I just haven't had the need for this myself, and I'm not
> enough of a security person to judge whether the vulnerability addressed
> by the patch is a relevant one. E.g. if all the sensitive information
> you are hiding in procfs is still available through netlink, your patch
> is pointless. Similarly if there is no recorded case of an attack that
> relies on any of the information in procfs.

Is this interface somewhere documented?
IOW how is it possible to get all processes via netlink?


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.