| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LSU.2.00.0905191531370.14681@fbirervta.pbzchgretzou.qr> Date: Tue, 19 May 2009 15:32:36 +0200 (CEST) From: Jan Engelhardt <jengelh@...ozas.de> To: Peter Zijlstra <peterz@...radead.org> cc: Martin Schwidefsky <schwidefsky@...ibm.com>, Linus Torvalds <torvalds@...ux-foundation.org>, linux-kernel <linux-kernel@...r.kernel.org>, Michael Abbott <michael@...neidae.co.uk> Subject: Re: [GIT PULL] cputime patch for 2.6.30-rc6 On Monday 2009-05-18 17:24, Peter Zijlstra wrote: >> + for_each_possible_cpu(i) >> + idletime = cputime64_add(idletime, kstat_cpu(i).cpustat.idle); >> + idletime = cputime64_to_clock_t(idletime); >> >> do_posix_clock_monotonic_gettime(&uptime); >> monotonic_to_bootbased(&uptime); > >This is a world readable proc file, adding a for_each_possible_cpu() in >there scares me a little (this wouldn't be the first and only such case >though). Well maybe procfs could gain chmod support (with the same lifetime guarantee that one would have with tmpfs), so that init scripts of big boxes can chmod it 400 on boot if there is that potential user threat: >Then think about userspace doing: > while :; do cat /proc/uptime > /dev/null; done -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists