You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20 lines
536 B
Plaintext
20 lines
536 B
Plaintext
7 years ago
|
# mounted-proc - Fix perms on sensitive /proc filesystem entries
|
||
|
#
|
||
|
# Some files in /proc have sensitive contents that can be used to
|
||
|
# help attackers launch kernel exploits. Making these files readable
|
||
|
# only by root slightly reduces the chances of these kinds of attacks
|
||
|
# being successful.
|
||
|
|
||
|
description "Fix-up sensitive /proc filesystem entries"
|
||
|
|
||
|
start on mounted MOUNTPOINT=/proc TYPE=proc
|
||
|
env MOUNTPOINT=/proc
|
||
|
|
||
|
task
|
||
|
|
||
|
script
|
||
|
if [ -e "${MOUNTPOINT}"/slabinfo ]; then
|
||
|
chmod 0400 "${MOUNTPOINT}"/slabinfo
|
||
|
fi
|
||
|
end script
|