Re: [PATCH 2.6.13.1] Patch for invisible threads

[Al Viro]

On Wed, Sep 14, 2005 at 07:31:12PM -0500, Sripathi Kodi wrote:
> I can move this code from proc_root_link() to proc_check_root(), but it 
> will still not be completely limited to ->permission() path. I can create a 
> separate ->permission() for proc_task_inode_operations, and have this 
> additional code there. If I do that, I think I will have to duplicate much 
> of proc_check_root(). Or else, I will have to split proc_check_root() into 
> two functions to prevent code duplication. Please let me know if any of 
> these makes sense, and I will send another patch.

The last variant would be preferable if we go in that direction...

> If you don't like this idea at all, please let me know if there any other 
> way of solving the invisible threads problem, short of taking out 
> ->permission() altogether from proc_task_inode_operations.

Frankly, I don't see the rationale for combination of
	* allowing anyone see all processes in top-level directory and
visit their directories, chroot or not
	* allowing anyone see /proc/<pid>/task/*, unless separated by
chroot (note that we allow that regardless of process ownership, etc.)
	* disallowing to see /proc/<pid>/task/* if leader is or used to be
outside of our chroot.

IOW, it's either too weak or too strong; current rules make very little
sense, regardless of the behaviour when group leader dies.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/