/etc/init/mounted-proc.conf is in mountall 2.36.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | # mounted-proc - Fix perms on sensitive /proc filesystem entries
#
# Some files in /proc have sensitive contents that can be used to
# help attackers launch kernel exploits. Making these files readable
# only by root slightly reduces the chances of these kinds of attacks
# being successful.
description "Fix-up sensitive /proc filesystem entries"
start on mounted MOUNTPOINT=/proc TYPE=proc
env MOUNTPOINT=/proc
task
script
chmod 0400 "${MOUNTPOINT}"/slabinfo
end script
|