Re: Further shmctl() SHM_LOCK strangeness

From: Rik van Riel
Date: Fri Nov 26 2004 - 19:42:14 EST

Next message: Ian Molton: "Re: [PATCH] kill unused call_irq()"
Previous message: Ingo Molnar: "Re: [patch] Real-Time Preemption, -RT-2.6.10-rc2-mm3-V0.7.31-0"
In reply to: Michael Kerrisk: "Re: Further shmctl() SHM_LOCK strangeness"
Next in thread: Michael Kerrisk: "Re: Further shmctl() SHM_LOCK strangeness"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 25 Nov 2004, Michael Kerrisk wrote:

I don't think this is sufficient -- there must
be protection against arbitrary SHM_LOCKs.

Why? We already have ulimits do that...

How about the following:

For *both* SHM_LOCK and SHM_UNLOCK, the process should either
be the owner or the creator of the object or have the
CAP_IPC_LOCK capability.

It makes a lot of sense, but I don't know whether or not
it'd break any applications...

--
"Debugging is twice as hard as writing the code in the first place.
Therefore, if you write the code as cleverly as possible, you are,
by definition, not smart enough to debug it." - Brian W. Kernighan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ian Molton: "Re: [PATCH] kill unused call_irq()"
Previous message: Ingo Molnar: "Re: [patch] Real-Time Preemption, -RT-2.6.10-rc2-mm3-V0.7.31-0"
In reply to: Michael Kerrisk: "Re: Further shmctl() SHM_LOCK strangeness"
Next in thread: Michael Kerrisk: "Re: Further shmctl() SHM_LOCK strangeness"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]