skyler / rpms / scap-security-guide

Forked from rpms/scap-security-guide 3 years ago
Clone
Source Code
GIT

Files

  1.   877cb5ca7778a0dbfebde3489032b8fed3356149
  2.   SOURCES
  3.   scap-security-guide-0.1.41-kptr_restrict.patch
Blob Blame History Raw 
--- /dev/null   2018-09-24 12:07:02.352998857 +0200
+++ b/linux_os/guide/system/permissions/restrictions/enable_execshield_settings/sysctl_kernel_kptr_restrict.rule      2018-08-20 22:58:34.441789550 +0200
@@ -0,0 +1,19 @@
+documentation_complete: true
+
+title: 'Restrict exposed kernel pointers addresses access'
+
+description: '{{{ describe_sysctl_option_value(sysctl="kernel.kptr_restrict", value="1") }}}'
+
+rationale: |-
+    Exposing kernel pointers (through procfs or <tt>seq_printf()</tt>) exposes
+    kernel writeable structures that can contain functions pointers. If a write vulnereability occurs
+    in the kernel allowing a write access to any of this structure, the kernel can be compromise. This
+    option disallow any program withtout the CAP_SYSLOG capability from getting the kernel pointers addresses,
+    replacing them with 0.
+
+severity: low
+
+references:
+    anssi: NT28(R23)
+
+{{{ complete_ocil_entry_sysctl_option_value(sysctl="kernel.kptr_restrict", value="1") }}}

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation