Hello, On Tue, Sep 20, 2016 at 12:49:13AM +0200, Mickaël Salaün wrote: > Add security access check for cgroup backed FD. The "cgroup.procs" file > of the corresponding cgroup should be readable to identify the cgroup, > and writable to prove that the current process can manage this cgroup > (e.g. through delegation). This is similar to the check done by > cgroup_procs_write_permission().
Can you please explain why this change is beneficial? Thanks. -- tejun