subject:"\[PATCH 3\/5\] module\: Do not expose section addresses to non\-CAP_SYSLOG"

Re: [PATCH 3/5] module: Do not expose section addresses to non-CAP_SYSLOG

2020-07-08 Thread Jessica Yu

+++ Kees Cook [02/07/20 16:26 -0700]: The printing of section addresses in /sys/module/*/sections/* was not using the correct credentials to evaluate visibility. Before: # cat /sys/module/*/sections/.*text 0xc0458000 ... # capsh --drop=CAP_SYSLOG -- -c "cat /sys/module/*/sections/.*text

[PATCH 3/5] module: Do not expose section addresses to non-CAP_SYSLOG

2020-07-02 Thread Kees Cook

The printing of section addresses in /sys/module/*/sections/* was not using the correct credentials to evaluate visibility. Before: # cat /sys/module/*/sections/.*text 0xc0458000 ... # capsh --drop=CAP_SYSLOG -- -c "cat /sys/module/*/sections/.*text" 0xc0458000 ... After: