On Wed, Aug 08, 2007 at 05:37:09PM +0200, Piotr Engelking wrote: > John Levon <[EMAIL PROTECTED]> wrote: > > Please explain the privacy issue. Are you trying to suggest that the > > profile of an application might reveal something private to a user? Note > > there is no way to correlate such a profile back to an individual user. > > It can reveal, e.g., which library and system calls does an user's program > make.
How is this a privacy issue, again? I can't think of a real scenario that doesn't also apply to "ps -ef". I can see a (somewhat weak) argument that this is a security issue for people who like their users to be very compartmentalised, but no privacy issue. > > Given that the alternative involves running all the userspace report > > tools as root or under sudo, I find it very difficult to believe that > > this option is somehow more secure. > > Not really, as you can add the user to the adm group. As a > non-administrator has currently no way to use oprofile, this shouldn't > be a problem. Adm group membership is already needed to read system > logs. Fair point, I suppose. > > People who are worried about this should: > > > [...] > > 2) chmod the directories themselves > > This should, at the very least, be documented. I'll take a patch to do so. regards, john -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
