SOURCES: linux-2.6-grsec-no-stupid-SoB.patch (NEW) - some levels of Securit...
baggins
baggins at pld-linux.org
Mon Dec 1 23:26:26 CET 2008
Author: baggins Date: Mon Dec 1 22:26:26 2008 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- some levels of Security by Obscurity are not acceptable,
don't let grsecurity remove _useful_ informations from /proc
---- Files affected:
SOURCES:
linux-2.6-grsec-no-stupid-SoB.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/linux-2.6-grsec-no-stupid-SoB.patch
diff -u /dev/null SOURCES/linux-2.6-grsec-no-stupid-SoB.patch:1.1
--- /dev/null Mon Dec 1 23:26:27 2008
+++ SOURCES/linux-2.6-grsec-no-stupid-SoB.patch Mon Dec 1 23:26:21 2008
@@ -0,0 +1,41 @@
+--- linux-2.6.27/init/Kconfig~ 2008-11-20 23:26:34.000000000 +0100
++++ linux-2.6.27/init/Kconfig 2008-12-01 20:37:12.000000000 +0100
+@@ -781,8 +781,8 @@
+ source "arch/Kconfig"
+
+ config PROC_PAGE_MONITOR
+- default n
+- depends on PROC_FS && MMU && !GRKERNSEC
++ default y
++ depends on PROC_FS && MMU
+ bool "Enable /proc page monitoring" if EMBEDDED
+ help
+ Various /proc files exist to monitor process memory utilization:
+@@ -798,9 +798,9 @@
+
+ config SLABINFO
+ bool
+- depends on PROC_FS && !GRKERNSEC_PROC_ADD
++ depends on PROC_FS
+ depends on SLAB || SLUB_DEBUG
+- default n
++ default y
+
+ config RT_MUTEXES
+ boolean
+--- linux-2.6.27/fs/proc/proc_misc.c~ 2008-11-20 23:26:30.000000000 +0100
++++ linux-2.6.27/fs/proc/proc_misc.c 2008-12-01 20:35:55.000000000 +0100
+@@ -934,8 +934,12 @@
+ #endif
+ proc_create("stat", 0, NULL, &proc_stat_operations);
+ proc_create("interrupts", 0, NULL, &proc_interrupts_operations);
+-#if defined(CONFIG_SLABINFO) && !defined(CONFIG_GRKERNSEC_PROC_ADD)
++#ifdef CONFIG_SLABINFO
++#ifdef CONFIG_GRKERNSEC_PROC_ADD
++ proc_create("slabinfo",gr_mode,NULL,&proc_slabinfo_operations);
++#else
+ proc_create("slabinfo",S_IWUSR|S_IRUGO,NULL,&proc_slabinfo_operations);
++#endif
+ #ifdef CONFIG_DEBUG_SLAB_LEAK
+ proc_create("slab_allocators", 0, NULL, &proc_slabstats_operations);
+ #endif
================================================================
More information about the pld-cvs-commit
mailing list