From mboxrd@z Thu Jan 1 00:00:00 1970 From: Evgeniy Polyakov Subject: Re: [take 3] Use pid in inotify events. Date: Fri, 21 Nov 2008 18:08:51 +0300 Message-ID: <20081121150851.GA15789@ioremap.net> References: <20081116232450.GA13547@ioremap.net> <20081117171508.GA564@ioremap.net> <20081117175212.GA2224@ioremap.net> <20081120130902.GA1408@ucw.cz> <20081121140325.GA12384@ioremap.net> <20081121145709.GC1554@ucw.cz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Content-Disposition: inline In-Reply-To: <20081121145709.GC1554-+ZI9xUNit7I@public.gmane.org> Sender: linux-api-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org To: Pavel Machek Cc: Robert Love , mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org, linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Andrew Morton , Christoph Hellwig List-Id: linux-api@vger.kernel.org On Fri, Nov 21, 2008 at 03:57:09PM +0100, Pavel Machek (pavel-AlSwsSmVLrQ@public.gmane.org) wrote: > > John & I intentionally did not add the pid field when writing inotify > > for reasons of security and questionable need. It also stinks to have > > to add a pid field to the event structure if that field is seldom > > used. > > ...plus the permission check was quite strange. We don't normally try > to hide PIDs, and 'equal uid' is very non-standard test. can_ptrace() > is normally used for such stuff... That's what Reobert suggested as a security measure. Expect this decision will not be described in details, why it is good or bad. I'm prefectly fine without this check either. -- Evgeniy Polyakov -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org More majordomo info at http://vger.kernel.org/majordomo-info.html From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755351AbYKUPJF (ORCPT ); Fri, 21 Nov 2008 10:09:05 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753647AbYKUPIy (ORCPT ); Fri, 21 Nov 2008 10:08:54 -0500 Received: from kandzendo.ru ([195.178.208.66]:41574 "EHLO tservice.net.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753630AbYKUPIx (ORCPT ); Fri, 21 Nov 2008 10:08:53 -0500 Date: Fri, 21 Nov 2008 18:08:51 +0300 From: Evgeniy Polyakov To: Pavel Machek Cc: Robert Love , mtk.manpages@gmail.com, linux-api@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Morton , Christoph Hellwig Subject: Re: [take 3] Use pid in inotify events. Message-ID: <20081121150851.GA15789@ioremap.net> References: <20081116232450.GA13547@ioremap.net> <20081117171508.GA564@ioremap.net> <20081117175212.GA2224@ioremap.net> <20081120130902.GA1408@ucw.cz> <20081121140325.GA12384@ioremap.net> <20081121145709.GC1554@ucw.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20081121145709.GC1554@ucw.cz> User-Agent: Mutt/1.5.13 (2006-08-11) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Nov 21, 2008 at 03:57:09PM +0100, Pavel Machek (pavel@suse.cz) wrote: > > John & I intentionally did not add the pid field when writing inotify > > for reasons of security and questionable need. It also stinks to have > > to add a pid field to the event structure if that field is seldom > > used. > > ...plus the permission check was quite strange. We don't normally try > to hide PIDs, and 'equal uid' is very non-standard test. can_ptrace() > is normally used for such stuff... That's what Reobert suggested as a security measure. Expect this decision will not be described in details, why it is good or bad. I'm prefectly fine without this check either. -- Evgeniy Polyakov