SOURCES: linux-2.6-grsec-no-stupid-SoB.patch (NEW) - some levels of Securit...

baggins baggins at pld-linux.org
Mon Dec 1 23:26:26 CET 2008 

Author: baggins                      Date: Mon Dec  1 22:26:26 2008 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- some levels of Security by Obscurity are not acceptable,
  don't let grsecurity remove _useful_ informations from /proc

---- Files affected:
SOURCES:
   linux-2.6-grsec-no-stupid-SoB.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/linux-2.6-grsec-no-stupid-SoB.patch
diff -u /dev/null SOURCES/linux-2.6-grsec-no-stupid-SoB.patch:1.1
--- /dev/null	Mon Dec  1 23:26:27 2008
+++ SOURCES/linux-2.6-grsec-no-stupid-SoB.patch	Mon Dec  1 23:26:21 2008
@@ -0,0 +1,41 @@
+--- linux-2.6.27/init/Kconfig~	2008-11-20 23:26:34.000000000 +0100
++++ linux-2.6.27/init/Kconfig	2008-12-01 20:37:12.000000000 +0100
+@@ -781,8 +781,8 @@
+ source "arch/Kconfig"
+ 
+ config PROC_PAGE_MONITOR
+- 	default n
+-	depends on PROC_FS && MMU && !GRKERNSEC
++ 	default y
++	depends on PROC_FS && MMU
+ 	bool "Enable /proc page monitoring" if EMBEDDED
+  	help
+ 	  Various /proc files exist to monitor process memory utilization:
+@@ -798,9 +798,9 @@
+ 
+ config SLABINFO
+ 	bool
+-	depends on PROC_FS && !GRKERNSEC_PROC_ADD
++	depends on PROC_FS
+ 	depends on SLAB || SLUB_DEBUG
+-	default n
++	default y
+ 
+ config RT_MUTEXES
+ 	boolean
+--- linux-2.6.27/fs/proc/proc_misc.c~	2008-11-20 23:26:30.000000000 +0100
++++ linux-2.6.27/fs/proc/proc_misc.c	2008-12-01 20:35:55.000000000 +0100
+@@ -934,8 +934,12 @@
+ #endif
+ 	proc_create("stat", 0, NULL, &proc_stat_operations);
+ 	proc_create("interrupts", 0, NULL, &proc_interrupts_operations);
+-#if defined(CONFIG_SLABINFO) && !defined(CONFIG_GRKERNSEC_PROC_ADD)
++#ifdef CONFIG_SLABINFO
++#ifdef CONFIG_GRKERNSEC_PROC_ADD
++	proc_create("slabinfo",gr_mode,NULL,&proc_slabinfo_operations);
++#else
+ 	proc_create("slabinfo",S_IWUSR|S_IRUGO,NULL,&proc_slabinfo_operations);
++#endif
+ #ifdef CONFIG_DEBUG_SLAB_LEAK
+ 	proc_create("slab_allocators", 0, NULL, &proc_slabstats_operations);
+ #endif
================================================================

More information about the pld-cvs-commit mailing list