* world read permissions on /proc/irq/prof_cpu_mask and ...smp_affinity
@ 2002-12-03 11:49 Alex Riesen
2002-12-04 15:37 ` Ingo Molnar
0 siblings, 1 reply; 4+ messages in thread
From: Alex Riesen @ 2002-12-03 11:49 UTC (permalink / raw)
To: mingo; +Cc: linux-kernel
Hello!
Is there any reason to set the permissions to 0600?
It makes the admin to login as root just to look on the
current system state.
Is there something against 0644?
-alex
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: world read permissions on /proc/irq/prof_cpu_mask and ...smp_affinity
2002-12-03 11:49 world read permissions on /proc/irq/prof_cpu_mask and ...smp_affinity Alex Riesen
@ 2002-12-04 15:37 ` Ingo Molnar
2002-12-04 18:19 ` Alex Riesen
2002-12-05 11:24 ` Alex Riesen
0 siblings, 2 replies; 4+ messages in thread
From: Ingo Molnar @ 2002-12-04 15:37 UTC (permalink / raw)
To: Alex Riesen; +Cc: linux-kernel
On Tue, 3 Dec 2002, Alex Riesen wrote:
> Is there any reason to set the permissions to 0600?
> It makes the admin to login as root just to look on the
> current system state.
> Is there something against 0644?
i've got nothing against 0644, 0600 was just the default paranoid value.
(reading it could in theory mean an IO-APIC read.)
Ingo
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: world read permissions on /proc/irq/prof_cpu_mask and ...smp_affinity
2002-12-04 15:37 ` Ingo Molnar
@ 2002-12-04 18:19 ` Alex Riesen
2002-12-05 11:24 ` Alex Riesen
1 sibling, 0 replies; 4+ messages in thread
From: Alex Riesen @ 2002-12-04 18:19 UTC (permalink / raw)
To: Ingo Molnar; +Cc: Alex Riesen, linux-kernel
On Wed, Dec 04, 2002 at 10:37:01AM -0500, Ingo Molnar wrote:
> > Is there any reason to set the permissions to 0600?
> > It makes the admin to login as root just to look on the
> > current system state.
> > Is there something against 0644?
>
> i've got nothing against 0644, 0600 was just the default paranoid value.
> (reading it could in theory mean an IO-APIC read.)
The some objections against it (in vein: most people who want to
read it, supposed to want write into it).
But as for now it seems to be the only reason to have it readable
(and such things as /proc/ide/ideN/hdX/settings) is pure curiousity:
i don't really like to bother usually overworked admin to look at the
prof_cpu_mask just to figure out why all interrupts handled by CPU0.
And he is supposed to deny any my attempts to get root-SUID cat :)
-alex
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: world read permissions on /proc/irq/prof_cpu_mask and ...smp_affinity
2002-12-04 15:37 ` Ingo Molnar
2002-12-04 18:19 ` Alex Riesen
@ 2002-12-05 11:24 ` Alex Riesen
1 sibling, 0 replies; 4+ messages in thread
From: Alex Riesen @ 2002-12-05 11:24 UTC (permalink / raw)
To: Ingo Molnar; +Cc: linux-kernel, Sean Neakums
On Wed, Dec 04, 2002 at 10:37:01AM -0500, Ingo Molnar wrote:
> > Is there any reason to set the permissions to 0600?
> > It makes the admin to login as root just to look on the
> > current system state.
> > Is there something against 0644?
>
> i've got nothing against 0644, 0600 was just the default paranoid value.
> (reading it could in theory mean an IO-APIC read.)
>
Just found a patch from Olaf Dietsche (2.5.40: fix chmod/chown on procfs).
Quote:
This patch allows to change uid, gid and mode of files and directories
located in procfs.
The patch was accepted 2.5.
This perfectly solves the problem, and in very clean way, i think.
-alex
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2002-12-05 11:20 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-12-03 11:49 world read permissions on /proc/irq/prof_cpu_mask and ...smp_affinity Alex Riesen
2002-12-04 15:37 ` Ingo Molnar
2002-12-04 18:19 ` Alex Riesen
2002-12-05 11:24 ` Alex Riesen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox