| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <cd2b162a59804cdaa7f4de18c3337aa8@ustx2ex-dag1mb5.msg.corp.akamai.com>
Date: Tue, 16 Jul 2019 17:01:26 +0000
From: "Lubashev, Igor" <ilubashe@...mai.com>
To: Jiri Olsa <jolsa@...hat.com>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"Peter Zijlstra" <peterz@...radead.org>,
Ingo Molnar <mingo@...hat.com>,
"Arnaldo Carvalho de Melo" <acme@...nel.org>,
Mathieu Poirier <mathieu.poirier@...aro.org>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Namhyung Kim <namhyung@...nel.org>,
Suzuki K Poulose <suzuki.poulose@....com>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
James Morris <jmorris@...ei.org>
Subject: RE: [PATCH 2/3] perf: Use CAP_SYS_ADMIN with perf_event_paranoid
checks
I could add another patch to the series for that. Any suggestion for what capability to check for here?
(There is always an alternative to not check for anything and let the kernel refuse to perform actions that the user does not have permissions to perform.)
- Igor
-----Original Message-----
From: Jiri Olsa <jolsa@...hat.com>
Sent: Tuesday, July 16, 2019 4:48 AM
Subject: Re: [PATCH 2/3] perf: Use CAP_SYS_ADMIN with perf_event_paranoid checks
On Tue, Jul 02, 2019 at 08:10:04PM -0400, Igor Lubashev wrote:
> The kernel is using CAP_SYS_ADMIN instead of euid==0 to override
> perf_event_paranoid check. Make perf do the same.
I see another geteuid check in __cmd_ftrace,
perhaps we should cover this one as well
jirka
Powered by blists - more mailing lists