On Sat, Mar 31, 2018 at 5:18 PM, Felix Fietkau <n...@nbd.name> wrote:
> On 2018-03-30 15:18, Rosen Penev wrote:
>> The only downside to this is that it breaks perf with non-root users. I 
>> don't think this is an issue in OpenWrt.
>>
>> Signed-off-by: Rosen Penev <ros...@gmail.com>
>> ---
>>  package/base-files/files/etc/sysctl.conf | 3 +++
>>  1 file changed, 3 insertions(+)
>>
>> diff --git a/package/base-files/files/etc/sysctl.conf 
>> b/package/base-files/files/etc/sysctl.conf
>> index ddc7a9bf69..61a43057a1 100644
>> --- a/package/base-files/files/etc/sysctl.conf
>> +++ b/package/base-files/files/etc/sysctl.conf
>> @@ -2,6 +2,9 @@ kernel.panic=3
>>  kernel.core_pattern=/tmp/%e.%t.%p.%s.core
>>  fs.suid_dumpable=2
>>
>> +#disable kernel pointer access from normal users
>> +kernel.kptr_restrict=1
> NACK. This will probably make some back traces in case of crashes less
> useful and thus hurt debugging.
> Also, it's completely pointless, since we don't have KALSR and thus the
> kernel memory addresses are mostly stable and predictable anyway.
>
Will drop.
> - Felix

_______________________________________________
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev

Reply via email to