Re: [PATCH] Read THREAD_CPUTIME clock from other processes.

[Roland McGrath]

> Yes, I was worried about possible security issues too. But, it seems,
> /proc/pid/task/tid/stat (do_task_stat) shows ->utime/stime anyway.

This is constrained by ptrace_may_access(task, PTRACE_MODE_READ).

> And /proc/schedstat shows sum_exec_runtime.

This probably should be constrained in exactly the same ways as .../stat is.

I think the constraints on /proc/.../stat reflect the most considered
judgement of the security folks.  I suspect that the lack of constraint on
/proc/.../schedstat reflects the scheduler folks just having failed to
consider the same issues.  IMHO all access to the equivalent kinds of
information should have the same security constraints.

> No, the suggested change doesn't go that far, afaics. It only modifies
> check_clock: this affects clock_getres and clock_set (which does nothing),
> and posix_cpu_clock_get: affects clock_gettime().

That's good, but it should be mentioned so that next year someone doesn't
come back with a "there's no reason you shouldn't be able to" and go
unchallenged.


Thanks,
Roland
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/