Re: [RFC][PATCH] Simple privacy enhancement for /proc/<pid>
From: Bodo Eggert
Date: Sun Apr 10 2005 - 13:10:34 EST
On Sun, 10 Apr 2005, Rene Scharfe wrote:
> First, configuring via kernel parameters is sufficient.
I don't remember: Would a mount option be equally easy to implement?
(Kernel parameters are OK for me, too.)
> I have another idea: let's keep the details of _every_ process owned by
> user root readable by anyone.
What about SUID processes acting on behalf of users?
> - processor.max_cstate= [HW, ACPI]
> - Limit processor to maximum C-state
> - max_cstate=9 overrides any DMI blacklist limit.
> -
This seems to belong into another patch
(in pid_revalidate:)
What about moving the things around? (just editing in the MUA)
> + if (IS_PID_DIR(proc_type(inode)) || task_dumpable(task)) {
> inode->i_uid = task->euid;
> + inode->i_gid = proc_gid;
> + if (!proc_privacy || IS_PID_DIR(proc_type(inode)))
> inode->i_gid = task->egid;
> } else {
> inode->i_uid = 0;
> inode->i_gid = 0;
> }
> security_task_to_inode(task, inode);
> return 1;
> }
BTW: You might be able to cache IS_PID_DIR(). It looks like being a gain.
> @@ -1454,6 +1468,11 @@ static struct dentry *proc_pident_lookup
> + if (proc_privacy == 2 || task->euid != 0)
^^^^^
redundand.
--
Funny quotes:
27. If people from Poland are called Poles, why aren't people from Holland
called Holes?
Friß, Spammer: Gould@xxxxxxxxxxxxxxx winer@xxxxxxxxxxxxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/