[Ksummit-discuss] security-related TODO items?

David Howells dhowells at redhat.com
Thu Feb 2 21:12:34 UTC 2017


Andy Lutomirski <luto at amacapital.net> wrote:

> Here's another one: split up and modernize /proc.

Just remember: /proc is part of the user API.  It contains system calls that
are implemented with open/read/write/close rather than syscall directly.  As
such, you may not alter functionality that will break userspace[*].

[*] OTOH restricting stuff for security purposes does have merit, so I'm not
    totally against the idea.

David


More information about the Ksummit-discuss mailing list