On a streamlined kernel config I've been toying with disabling /dev/ksyms but will probably leave it enabled. I've read theo saying in the archive, something like netstat should be updated to use the vmstat mechanisms but the nestat code is horrible to work on.
Does netstat just use it for speed reasons or for normal user access to the info too and what else breaks. Does disabling it make an attackers job slightly more difficult at all? Kc
