| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20260106-bsd-acct-v1-1-d15564b52c83@kernel.org> Date: Tue, 06 Jan 2026 09:38:22 -0500 From: Jeff Layton <jlayton@...nel.org> To: Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>, Al Viro <viro@...iv.linux.org.uk> Cc: Amir Goldstein <amir73il@...il.com>, Jani Nikula <jani.nikula@...el.com>, Wei Liu <wei.liu@...nel.org>, Joel Granados <joel.granados@...nel.org>, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, Jeff Layton <jlayton@...nel.org> Subject: [PATCH] acct(2): begin the deprecation of legacy BSD process accounting As Christian points out [1], even though it's privileged, this interface has a lot of footguns. There are better options these days (e.g. eBPF), so it would be good to start discouraging its use and mark it as deprecated. [1]: https://lore.kernel.org/linux-fsdevel/20250212-giert-spannend-8893f1eaba7d@brauner/ Signed-off-by: Jeff Layton <jlayton@...nel.org> --- I meant to send this months ago, but never got around to it. Let's at least mark this as deprecated and see who complains. We could also consider adding a pr_warn_once() that fires the first time someone calls acct(2) if we want to kill this in a more near-term timeframe. --- init/Kconfig | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/init/Kconfig b/init/Kconfig index fa79feb8fe57bb01d8ce8f35e33535709b57d452..160c1c4ef253593d62650cd5a53f3421bc9372d3 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -624,8 +624,9 @@ config SCHED_HW_PRESSURE arch_update_hw_pressure() and arch_scale_thermal_pressure(). config BSD_PROCESS_ACCT - bool "BSD Process Accounting" + bool "BSD Process Accounting (DEPRECATED)" depends on MULTIUSER + default n help If you say Y here, a user level program will be able to instruct the kernel (via a special system call) to write process accounting @@ -635,7 +636,9 @@ config BSD_PROCESS_ACCT command name, memory usage, controlling terminal etc. (the complete list is in the struct acct in <file:include/linux/acct.h>). It is up to the user level program to do useful things with this - information. This is generally a good idea, so say Y. + information. This mechanism is antiquated and has significant + scalability issues. You probably want to use eBPF instead. Say + N unless you really need this. config BSD_PROCESS_ACCT_V3 bool "BSD Process Accounting version 3 file format" --- base-commit: 7f98ab9da046865d57c102fd3ca9669a29845f67 change-id: 20260106-bsd-acct-c60be8e6ae62 Best regards, -- Jeff Layton <jlayton@...nel.org>
Powered by blists - more mailing lists