Artifact [e7bb9aeb0c]

Artifact e7bb9aeb0cde99d3bd3e7da8e592378bdd634b88:

Wiki page [kmod-nokeyctl] by rkeene on 2016-01-20 15:45:38.
D 2016-01-20T15:45:38.131
L kmod-nokeyctl
N text/x-markdown
P 0c640fb0f175a6ebf0cfe3366902589b289a3344
U rkeene
W 597
kmod-nokeyctl
=============

Simple kernel module which disables the keyctl(2) system call to workaround CVE-2016-0728 on vulnerable systems without rebooting until a proper patch can be applied.

Download
--------

  1. [Version 1](tarball/kmod-nokeyctl-1.tar.gz?uuid=6546477ed59c71f6a0f47e3b10f25f373a7c92ea) (**LATEST**)


Usage
-----

    $ ./configure
    $ make
    $ sudo -i insmod "$(pwd)/nokeyctl.ko"


Verification
------------

    $ sudo dmesg
    ...
    [2811856.665590] [nokeyctl] keyctl syscall disabled


Removal
-------

    $ sudo -i rmmod nokeyctl
Z de4237c649889aee31449e1f85bcda39