On Sun, 10 Apr 2005, Rene Scharfe wrote:

> First, configuring via kernel parameters is sufficient.

I don't remember: Would a mount option be equally easy to implement?
(Kernel parameters are OK for me, too.)

> I have another idea: let's keep the details of _every_ process owned by
> user root readable by anyone.

What about SUID processes acting on behalf of users?

> -     processor.max_cstate=   [HW, ACPI]
> -                     Limit processor to maximum C-state
> -                     max_cstate=9 overrides any DMI blacklist limit.
> -

This seems to belong into another patch



(in pid_revalidate:)
What about moving the things around? (just editing in the MUA)

> +             if (IS_PID_DIR(proc_type(inode)) || task_dumpable(task)) {
>                       inode->i_uid = task->euid;
> +                     inode->i_gid = proc_gid;
> +                     if (!proc_privacy || IS_PID_DIR(proc_type(inode)))
>                               inode->i_gid = task->egid;
>               } else {
>                       inode->i_uid = 0;
>                       inode->i_gid = 0;
>               }
>               security_task_to_inode(task, inode);
>               return 1;
>       }

BTW: You might be able to cache IS_PID_DIR(). It looks like being a gain.

> @@ -1454,6 +1468,11 @@ static struct dentry *proc_pident_lookup

> +             if (proc_privacy == 2 || task->euid != 0)
                                                   ^^^^^
redundand.
-- 
Funny quotes:
27. If people from Poland are called Poles, why aren't people from Holland
    called Holes?
Friß, Spammer: [EMAIL PROTECTED] [EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to