[kernel-sec-discuss] r2104 - active
dann frazier
dannf at dannf.org
Mon Jan 3 16:49:59 UTC 2011
On Fri, Dec 24, 2010 at 06:35:34PM -0500, Michael Gilbert wrote:
> On Fri, Dec 24, 2010 at 12:25 PM, Moritz Muehlenhoff wrote:
> > Author: jmm
> > Date: 2010-12-24 17:25:45 +0000 (Fri, 24 Dec 2010)
> > New Revision: 2104
> >
> > Removed:
> > active/CVE-2010-kallsyms-permissions-should-be-400
> > Log:
> > not a security issue, for a distro kernel they're known anyway
>
> Isn't it worthwhile tracking this kind of thing just to make sure at
> some point it does get fixed (even though its really more of a
> hardening step)?
I don't think so, because adding it to the kernel-sec tracker will not
affect whether or not we include the change. If upstream takes it, so
will we. Until then, it feels more like a wishlist bug for a userspace
hardening package. Perhaps harden-clients could drop in an
initramfs-hook to chmod it?
More information about the kernel-sec-discuss
mailing list