Hello there,
Could someone explain to me why PROC_PAGE_MONITOR is disabled by grsecurity?
I wanted to use /proc/#pid#/smaps to determine the memory consumption of several processes.
Is there a way around?
Regards
tt
PROC_PAGE_MONITOR
5 posts
• Page 1 of 1
PROC_PAGE_MONITOR
by thinktank » Wed Sep 16, 2009 5:28 pm
- thinktank
- Posts: 3
- Joined: Thu Jun 19, 2008 12:56 am
Re: PROC_PAGE_MONITOR
by spender » Wed Sep 16, 2009 8:50 pm
It gives out way too much information about the address space and physical memory locations. It's a threat not just to ASLR but can make some kernel exploitation easier. Also IIRC it had several vulnerabilities found in it when it was first implemented, so I've had it forced off ever since it was added to the kernel.
-Brad
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: PROC_PAGE_MONITOR
by thinktank » Thu Sep 17, 2009 4:14 pm
Thank you Brad. Can I just remove the !GRKERNSEC from PROC_PAGE_MONITOR in /fs/proc/Kconfig and set the default to y, at my own risk?
Or are there more steps necessary in order to make this work properly? Are there even better solutions for such tasks?
Regards
tt
Or are there more steps necessary in order to make this work properly? Are there even better solutions for such tasks?
Regards
tt
- thinktank
- Posts: 3
- Joined: Thu Jun 19, 2008 12:56 am
Re: PROC_PAGE_MONITOR
by spender » Thu Sep 17, 2009 4:57 pm
At your own risk, you can do whatever you would like to the patch 
That single change though should let you enable it.
-Brad
That single change though should let you enable it.
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
Re: PROC_PAGE_MONITOR
by thinktank » Fri Sep 18, 2009 9:35 pm
hehe, cool, thanks, I'll give it a try :)
- thinktank
- Posts: 3
- Joined: Thu Jun 19, 2008 12:56 am
5 posts
• Page 1 of 1