Commit 59365d13 authored by Marcus Meissner's avatar Marcus Meissner Committed by Linus Torvalds

kernel: make /proc/kallsyms mode 400 to reduce ease of attacking

Making /proc/kallsyms readable only for root by default makes it
slightly harder for attackers to write generic kernel exploits by
removing one source of knowledge where things are in the kernel.

This is the second submit, discussion happened on this on first submit
and mostly concerned that this is just one hole of the sieve ...  but
one of the bigger ones.

Changing the permissions of at least System.map and vmlinux is also
required to fix the same set, but a packaging issue.

Target of this starter patch and follow ups is removing any kind of
kernel space address information leak from the kernel.

[ Side note: the default of root-only reading is the "safe" value, and
  it's easy enough to then override at any time after boot.  The /proc
  filesystem allows root to change the permissions with a regular
  chmod, so you can "revert" this at run-time by simply doing

    chmod og+r /proc/kallsyms

  as root if you really want regular users to see the kernel symbols.
  It does help some tools like "perf" figure them out without any
  setup, so it may well make sense in some situations.  - Linus ]
Signed-off-by: default avatarMarcus Meissner <meissner@suse.de>
Acked-by: default avatarTejun Heo <tj@kernel.org>
Acked-by: default avatarEugene Teo <eugeneteo@kernel.org>
Reviewed-by: default avatarJesper Juhl <jj@chaosbits.net>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 1d663650
...@@ -546,7 +546,7 @@ static const struct file_operations kallsyms_operations = { ...@@ -546,7 +546,7 @@ static const struct file_operations kallsyms_operations = {
static int __init kallsyms_init(void) static int __init kallsyms_init(void)
{ {
proc_create("kallsyms", 0444, NULL, &kallsyms_operations); proc_create("kallsyms", 0400, NULL, &kallsyms_operations);
return 0; return 0;
} }
device_initcall(kallsyms_init); device_initcall(kallsyms_init);
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment