kernel: Deactivate CONFIG_BINFMT_MISC
CONFIG_BINFMT_MISC allows it to add support for new executable formats to the kernel from user space, the kernel will then detect for example a java binary and call the java execution program automatically. I am not aware that this feature is used in OpenWrt and this could be used to exploit something. Deactivate it for all targets for now. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit is contained in:
Hauke Mehrtens
@@ -10,7 +10,6 @@ CONFIG_ARCH_HAS_KCOV=y
|
||||
# CONFIG_ARCH_OPTIONAL_KERNEL_RWX is not set
|
||||
# CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT is not set
|
||||
# CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set
|
||||
CONFIG_BINFMT_MISC=m
|
||||
CONFIG_BLK_DEV_COW_COMMON=y
|
||||
CONFIG_BLK_DEV_LOOP=y
|
||||
CONFIG_BLK_DEV_UBD=y
|
||||
|
||||
Reference in New Issue
Block a user