Date: Fri, 16 Nov 2001 09:23:02 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Nils Holland <nils@tisys.org> Cc: Holtor <holtor@yahoo.com>, questions@FreeBSD.ORG Subject: Re: PROCFS Message-ID: <20011116092302.A79857@xor.obsecurity.org> In-Reply-To: <20011116142640.W2605-100000@jodie.ncptiddische.net>; from nils@tisys.org on Fri, Nov 16, 2001 at 02:27:37PM %2B0100 References: <20011116130058.32348.qmail@web11601.mail.yahoo.com> <20011116142640.W2605-100000@jodie.ncptiddische.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--envbJBWh7q8WU6mo Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Nov 16, 2001 at 02:27:37PM +0100, Nils Holland wrote: > On Fri, 16 Nov 2001, Holtor wrote: >=20 > > Hello! > > > > Is it safe to remove PROCFS in a custom kernel? It is > > in all kernels by default but from what I notice it > > does absolutely nothing! So it safe to remove? >=20 > Absolutely nothing? Well, it's required for all the stuff you can read out > in /proc. Some vital software uses the information found there, and it is > probably one of the things you really should not remove from your kernel. Actually, almost nothing in the base system relies on it. Given the apparently eternal security risks from procfs it's very sensible not to use it on a system with untrusted users. Kris --envbJBWh7q8WU6mo Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE79Ut1Wry0BWjoQKURApQFAKDMHPnZUvt1kHH4FyVv1j/vXp1vqACdGm0i rfUpKfLi+n1shg+sniJcNDo= =a6za -----END PGP SIGNATURE----- --envbJBWh7q8WU6mo-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011116092302.A79857>