Bug 203541

Summary: Restricting hardware information from users other than root
Product: Other Reporter: john.pseudonym1
Component: Other Assignee: other_other
Status: NEW ---    
Severity: normal    
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 4.9.0-9 Subsystem:
Regression: No Bisected commit-id:

Description john.pseudonym1 2019-05-07 19:34:10 UTC
Hi, 

As part of the hardening of an anonymity-focused operating system called Whonix, we would like to restrict the hardware information from users other than root to prevent the possibility of this being an identifier. 

We would do this by changing permissions of files like /proc/cpuinfo, /bin/lspci and some files in /sys so only root can access them.

How would this affect the OS? Would it have any negative effects or errors and would it be possible to include restricted permissions by default so every installation would have this? If it won't cause errors, of course.

Also, is there any way of restricting the hardware information from even root so an attacker that gains root privileges cannot get the hardware information?

Best regards.
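
An audit of the current state before any permission change, as an added example that is not part of the original report or of Whonix: it reports which hardware-information paths are accessible to users other than the owner and group. `/proc/cpuinfo` and `/bin/lspci` come from the report; the two `/sys` paths and all function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report): list which hardware-information
# paths are accessible to "other" users, judged by their mode bits.
# /proc/cpuinfo and /bin/lspci are named in the report; the /sys entries are
# assumed examples standing in for "some files in /sys".
HW_PATHS="/proc/cpuinfo /bin/lspci /sys/class/dmi/id/product_uuid /sys/class/net"

# Print the "other" permission digit (0-7) of a path, following symlinks.
# Relies on stat -c, as provided by GNU coreutils and BusyBox.
other_digit() {
    mode=$(stat -L -c '%a' -- "$1" 2>/dev/null) || return 2
    printf '%s\n' "${mode#"${mode%?}"}"   # keep only the last octal digit
}

# Succeed when "other" holds read (4) or execute/search (1) on the path.
is_exposed() {
    digit=$(other_digit "$1") || return 2
    [ $(( $digit & 5 )) -ne 0 ]
}

# Print one status line per path given as an argument.
audit_hw_paths() {
    for p in "$@"; do
        if [ ! -e "$p" ]; then
            printf '%-10s %-8s %s\n' MISSING - "$p"
        elif is_exposed "$p"; then
            printf '%-10s %-8s %s\n' EXPOSED "other=$digit" "$p"
        else
            printf '%-10s %-8s %s\n' RESTRICTED "other=$digit" "$p"
        fi
    done
    return 0
}

# Stand-alone run: audit the candidate list above.
audit_hw_paths $HW_PATHS
```

Mode bits describe only the file interface: on x86 the CPUID instruction is available to unprivileged code, so this audit covers paths, not every source of hardware details.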