Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1161117AbVIPHqS (ORCPT ); Fri, 16 Sep 2005 03:46:18 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1161118AbVIPHqR (ORCPT ); Fri, 16 Sep 2005 03:46:17 -0400 Received: from zeniv.linux.org.uk ([195.92.253.2]:32658 "EHLO ZenIV.linux.org.uk") by vger.kernel.org with ESMTP id S1161117AbVIPHqR (ORCPT ); Fri, 16 Sep 2005 03:46:17 -0400 Date: Fri, 16 Sep 2005 08:46:06 +0100 From: Al Viro To: Sripathi Kodi Cc: Al Viro , Linus Torvalds , Andrew Morton , linux-kernel@vger.kernel.org, patrics@interia.pl, Ingo Molnar , Roland McGrath Subject: Re: [PATCH 2.6.13.1] Patch for invisible threads Message-ID: <20050916074606.GE19626@ftp.linux.org.uk> References: <20050913165102.GR25261@ZenIV.linux.org.uk> <20050913171215.GS25261@ZenIV.linux.org.uk> <43274503.7090303@in.ibm.com> <20050914015003.GW25261@ZenIV.linux.org.uk> <4328C0D0.6000909@in.ibm.com> <20050915011850.GZ25261@ZenIV.linux.org.uk> <432A17E0.3060302@in.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <432A17E0.3060302@in.ibm.com> User-Agent: Mutt/1.4.1i Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1991 Lines: 46 On Thu, Sep 15, 2005 at 07:54:56PM -0500, Sripathi Kodi wrote: > proc_root_link and proc_task_root_link still have some duplicated code. I > could have split these functions further to avoid duplication completely, > but that would move incrementing and decrementing fs->lock to two different > functions, which I think will be confusing. > > The other way of implementing this that I could think of was to have a flag > to indicate that the call is from ->permission path and pass it all along. > This will avoid having to change many existing functions, but it will > defeat the purpose of limiting this kludge code to ->permission path. > > Please let me know how it is looking now. Ugh... Considering that all of that is _only_ for /proc//task and that proc_permission() is a couple of function calls, why bother with proc_task_check_root() instead of just adding proc_task_permission() with { struct dentry *root; struct vfsmount *vfsmnt; if (generic_permission(inode, mask, NULL) != 0) return -EACCES; /* or just open-code it here, for that matter */ if (proc_task_root_link(inode, &root, &vfsmnt)) return -ENOENT; return proc_check_chroot(root, vfsmnt); } for a body and leaving proc_permission() without any changes at all? > Further, about actual permission checks that we are doing, can we say: "A > process should be able to see /proc//task/* of another process only if > they both belong to same uid or reader is root"? But any such change will > change the behavior of commands like 'ps', right? Right. The real question is whether the current behaviour makes any sense. I've no objections to your patch + modification above, but I really wonder if we should keep current rules in that area. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/