Fedora Kernel: Strict user copy checks: Disabled
Reindl Harald
h.reindl at thelounge.net
Tue Jul 16 13:39:35 UTC 2013
Hi
is there a strong performance-wise reason for
"Strict user copy checks: Disabled" - IMHO if
something may make things more secure while not
have a dramatically performance impact security
in doubt should go first
__________________________________________________
[root at rh:~]$ checksec --kernel
* Kernel protection information:
Description - List the status of kernel protection mechanisms. Rather than
inspect kernel mechanisms that may aid in the prevention of exploitation of
userspace processes, this option lists the status of kernel configuration
options that harden the kernel itself against attack.
Kernel config: /boot/config-3.9.10-200.fc18.x86_64
Warning: The config on disk may not represent running kernel config!
GCC stack protector support: Enabled
Strict user copy checks: Disabled
Enforce read-only kernel data: Enabled
Restrict /dev/mem access: Enabled
Restrict /dev/kmem access: Enabled
More information about the kernel
mailing list