Hello, The kernel propose to display the kernel configuration between the /proc/config or /proc/config.gz, but if you don't won't to reveal to everybody your kernel configuration you can : * Don't use this features. * restrict /proc access between ACL or grsecurity proc restrictions But if you use genkernel to create your kernel, the kernel config file is created into a directory named /etc/kernels/ by this code ------------------------------------------------------- then print_info 1 "Copying config for successful build to /etc/kernels/kernel-config-${ARCH}-${KV}" [ ! -e '/etc/kernels' ] && mkdir -p /etc/kernels cp "${KERNEL_DIR}/.config" "/etc/kernels/kernel-config-${ARCH}-${KV}" fi --------------------------------------------------- The directory is by default created with world readable permissions and the kernel config files are also world readable. This is a information leak from genkernel Regards. Reproducible: Always Steps to Reproduce: 1. 2. 3. Actual Results: /etc/kernels/ is world readable Expected Results: /etc/kernels/ should not be word readable.
Don't see how this has a security impact if your config leaks and most other /etc/conf.d items are world readable anyway so IMO they'd also want changing.
Hello, I love to use genkernel. But don't wan't by default that kernel config is world readable. I know they are some configuration possible into /etc/genkernel.conf to say to not save the config file into /etc/kernels/ But why not by default create /etc/kernels/ with rw-r---- ? So only root has access to the kernel config ??? The kernel config could reveal that you use grsec, with this kind of features, or that you have apply selinux patch Maybe hardened kernel should not compiled with a default genkernel configuration ? Is this the solution ? Or just chmod the /etc/kernels/ ? Regards.
Not a bug, if somebody else thinks that this is a risk please reopen and explain. Either way, dmesg, ps -f or top reveal more information than a kernel config, which doesn't even state whether or not the config reflects the active kernel.
This is maybe not a security risk, but why not put /etc/kernels/ not world readable by default ?
Reassigning as a feature request.
This is pointless. These are non executable text files. You are trying to accomplish something that grsecurity acls or a wrapper script could accomplish. There are many other ways to determine what kernel modules etc the system was compiled with. Ie. scanning /proc, ls /lib/modules, etc. Also the kernel modules are installed be default with everyone being able to read them, the kernel sources are installed with everyone being able to read them. I can read the sources and figure out a way to hack the box then. or load the modules in a binary editor and figure out a way to hack them. The best thing to do from a security standpoint is to not have the kernel sources gcc or anything else that would allow compilation on your box or someone could compile a program that will hack you. Best solution write a wrapper script around genkernel that resets the permissions. Unless we get a stronger concern that people can read .configs this behavior will not change.
