Re: [1/1][PATCH] nproc v2: netlink access to /proc information

From: Stephen Smalley
Date: Fri Sep 10 2004 - 07:22:40 EST

Next message: Ingo Molnar: "Re: [PATCH][5/8] Arch agnostic completely out of line locks / ppc64"
Previous message: William Lee Irwin III: "Re: [PATCH][5/8] Arch agnostic completely out of line locks / ppc64"
In reply to: Chris Wright: "Re: [1/1][PATCH] nproc v2: netlink access to /proc information"
Next in thread: Roger Luethi: "Re: [1/1][PATCH] nproc v2: netlink access to /proc information"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2004-09-09 at 16:48, Chris Wright wrote:
> > + * @task_getstate:
> > + * Check permission before getting the state of a task.
> > + * @pid contains the pid of the requesting process.
> > + * @p contains the task_struct for the target task.
> > + * @uid contains the uid of the requesting process.
> > + * @caps contains the capability set of the requesting process.
> > + * Return 0 if permission is granted.
>
> Why caps?

It is readily available in the netlink skb parms, and someone might want
to use it, e.g. a security module might limit a requesting process to
only getting state of other processes with the same uid unless the
requesting process has some capability.

--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [PATCH][5/8] Arch agnostic completely out of line locks / ppc64"
Previous message: William Lee Irwin III: "Re: [PATCH][5/8] Arch agnostic completely out of line locks / ppc64"
In reply to: Chris Wright: "Re: [1/1][PATCH] nproc v2: netlink access to /proc information"
Next in thread: Roger Luethi: "Re: [1/1][PATCH] nproc v2: netlink access to /proc information"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]