From b7f680ac37b139d02f109cfff9ad9344a8415aad Mon Sep 17 00:00:00 2001 From: Alexander Popov Date: Thu, 26 Mar 2020 15:10:50 +0300 Subject: [PATCH] Call it a tool --- README.md | 8 ++++---- kconfig_hardened_check/__init__.py | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index a6794f6..9d557b8 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Kconfig hardened check +# kconfig-hardened-check ## Motivation @@ -26,7 +26,7 @@ or exploitation techniques. - ARM64 - ARM -## Script output examples +## Output examples ### Usage ``` @@ -45,7 +45,7 @@ optional arguments: --json print results in JSON format ``` -### Script output for `Ubuntu 18.04 (Bionic Beaver with HWE)` kernel config +### Output for `Ubuntu 18.04 (Bionic Beaver with HWE)` kernel config ``` $ ./kconfig-hardened-check.py -c config_files/distros/ubuntu-bionic-generic.config [+] Trying to detect architecture in "config_files/distros/ubuntu-bionic-generic.config"... @@ -209,7 +209,7 @@ The current version of `kconfig-hardened-check` is __0.5.5__, it's marked with t __Q:__ How disabling `CONFIG_USER_NS` cuts the attack surface? It's needed for containers! __A:__ Yes, the `CONFIG_USER_NS` option provides some isolation between the userspace programs, -but the script recommends disabling it to cut the attack surface __of the kernel__. +but the tool recommends disabling it to cut the attack surface __of the kernel__. The rationale: diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py index 27f0072..3fcb5e0 100755 --- a/kconfig_hardened_check/__init__.py +++ b/kconfig_hardened_check/__init__.py @@ -1,7 +1,7 @@ #!/usr/bin/python3 # -# This script helps me to check the Linux kernel Kconfig option list +# This tool helps me to check the Linux kernel Kconfig option list # against my hardening preferences for X86_64, ARM64, X86_32, and ARM. # Let the computers do their job! # -- 2.31.1