On Wed, Aug 08, 2007 at 03:57:27PM +0200, Piotr Engelking wrote: > As this bug is actually a more general privacy issue caused by the > fact that oprofiled makes the collected samples world-readable, I'd > suggest to make them owned and readable only by root:adm, similarly to > other log files containing sensitive information.
Please explain the privacy issue. Are you trying to suggest that the profile of an application might reveal something private to a user? Note there is no way to correlate such a profile back to an individual user. Given that the alternative involves running all the userspace report tools as root or under sudo, I find it very difficult to believe that this option is somehow more secure. People who are worried about this should: 1) contact me and explain the exact real-world situation that is troublesome 2) chmod the directories themselves regards john -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
