Re: [1/1][PATCH] nproc v2: netlink access to /proc information
From: Albert Cahalan
Date: Sat Sep 11 2004 - 17:41:52 EST
On Thu, 2004-09-09 at 17:25, Roger Luethi wrote:
> On Thu, 09 Sep 2004 22:55:31 +0200, Roger Luethi wrote:
> > I used a somewhat different approach in my development tree (not
> > SELinuxy, though): Most fields were world readable, some required
> > credentials.
>
> I forgot to mention that you can see the remnants of that approach in
> <linux/nproc.h>: I used two bits of the field ID to define per-field
> access restrictions (NPROC_PERM_USER, NPROC_PERM_ROOT).
Besides the low-security and high-security choices,
I'd like to see a medium-security choice.
low: everybody sees everything
medium: everybody sees something; privileged user sees all
high: must be privileged
This might mean that asking for stuff like EIP and WCHAN
causes you to see fewer processes.
If partial info is returned for a process, I'd like to
also get a bitmap of valid fields. Special "not valid"
values are a pain to deal with.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/