Re: [0/2][ANNOUNCE] nproc: netlink access to /proc information
From: James Morris
Date: Fri Aug 27 2004 - 09:56:56 EST
On Fri, 27 Aug 2004, Roger Luethi wrote:
> At the moment, the kernel sends a separate netlink message for every
> process.
You should look at the way rtnetlink dumps large amounts of data to
userspace.
> I haven't implemented any form of access control. One possibility is
> to use some of the reserved bits in the ID field to indicate access
> restrictions to both kernel and user space (e.g. everyone, process owner,
> root)
So, user tools would all need to be privileged? That sounds problematic.
> and add some LSM hook for those needing fine-grained control.
Control over the user request, or what the kernel returns? If the latter,
LSM is not really a filtering API.
- James
--
James Morris
<jmorris@xxxxxxxxxx>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/