Re: Change proc file permissions with sysctls

2005-03-20 Thread Jan Engelhardt
The permissions of files in /proc/1 (usually belonging to init) are kept as they are. The idea is to let system processes be freely visible by anyone, just as before. Especially interesting in this regard would be instances of login. I don't know how to easily discriminate between system

[PATCH][0/6] Change proc file permissions with sysctls

2005-03-19 Thread Rene Scharfe
The following patches implement another interface that allows an admin to restrict permissions inside /proc/pid to enhance the privacy of users. Following a suggestion by Albert Calahan this set of patches introduces five sysctls, each one changes the permissions of a certain file in /proc/pid

Re: [PATCH][0/6] Change proc file permissions with sysctls

2005-03-19 Thread Albert Cahalan
On Sun, 2005-03-20 at 01:22 +0100, Rene Scharfe wrote: The permissions of files in /proc/1 (usually belonging to init) are kept as they are. The idea is to let system processes be freely visible by anyone, just as before. Especially interesting in this regard would be instances of login. I

Re: [RFC][PATCH] Simple privacy enhancement for /proc/pid

2005-04-12 Thread Albert Cahalan
the settings cannot change. And we don't need the added flexibility of sysctls anyway -- I assume these parameters are set at installation time and never touched again. This means mucking with boot parameters, which can be a pain. The various boot loaders do not all use the same config file. Then I

[PATCH 2/2] Documentation: describe /proc//userns_counts

2016-08-15 Thread Andrei Vagin
rom 0 - ULLONG_MAX An application setting the value must have PTRACE_MODE_ATTACH_FSCREDS level permissions on the task specified to change its timerslack_ns value. +3.11 /proc//userns_counts - User namespace counters +- + +This file provides cur

Re: [PATCH][0/6] Change proc file permissions with sysctls

2005-03-19 Thread Bodo Eggert
On Sun, 20 Mar 2005, Rene Scharfe wrote: The permissions of files in /proc/1 (usually belonging to init) are kept as they are. The idea is to let system processes be freely visible by anyone, just as before. Especially interesting in this regard would be instances of login. I think you

[RFC][PATCH] Simple privacy enhancement for /proc/pid

2005-04-10 Thread Rene Scharfe
implementation a lot because we know the settings cannot change. And we don't need the added flexibility of sysctls anyway -- I assume these parameters are set at installation time and never touched again. Then I suppose we don't need to be able to fine-tune the permissions for each file in /proc

[PATCH 11/17] doc: ReSTify Yama.txt

2017-05-13 Thread Kees Cook
-1,13 +1,14 @@ + +Yama + + Yama is a Linux Security Module that collects system-wide DAC security protections that are not handled by the core kernel itself. This is -selectable at build-time with CONFIG_SECURITY_YAMA, and can be controlled -at run-time through sysctls in /proc/sys

Re: [PATCH 3/3] sched: Implement interface for cgroup unified hierarchy

2015-10-15 Thread Paul Turner
applications to depend on what those attribute are set to > and even when the different entities do different things, the > combination is still something coherent. > > Now, if you make the in-process grouping dynamic and accessible to > external entities (and if we aren't gonna do t

Linux v2.6.21-rc3

2007-03-06 Thread Linus Torvalds
. [SPARC64]: Fix floppy build failure. [NET]: Revert incorrect accept queue backlog changes. David Stevens (1): [IPV6]: /proc/net/anycast6 unbalanced inet6_dev refcnt Dimitri Gorokhovik (1): initramfs should not depend on CONFIG_BLOCK Dirk Behme (8): ARM: OMAP: Fix warning