Re: access to /dev/mem
Posted Jul 22, 2005 1:47 UTC (Fri) by sweikart
In reply to: The ExecShield patches
Parent article: Kernel Summit 2005: The ExecShield patches
Here's a good description of it:
And here's an implementation for dropping capabilities at boot time:
Since you can disable access to /dev/mem with the capability bounding set, I would request that the semantics of /dev/mem not change.
to post comments)