On Wed, Sep 12, 2007 at 05:44:30PM -0500, Brent Casavant wrote: > P.S. By the way, there doesn't seem to be a way to remove /proc/#/mem > files. That might be an additional nicety -- programs worried about > being snooped could unlink their own entry. /dev/mem and /dev/kmem > can simply be removed by the sysadmin of such a system. If all of > that were done you'd have to resort to attacking crash dumps, core > dumps, or via something like kdb to extract "hidden" data.
Give me a break. And learn about ptrace(2). This "unlinking" bullshit buys you zero additional security, both for /proc/*/mem and for /dev/mem (see mknod(2)). - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
