Return-Path: <linux-kernel-owner+w=401wt.eu-S1755351AbYKUPJF@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1755351AbYKUPJF (ORCPT <rfc822;w@1wt.eu>);
	Fri, 21 Nov 2008 10:09:05 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753647AbYKUPIy
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Fri, 21 Nov 2008 10:08:54 -0500
Received: from kandzendo.ru ([195.178.208.66]:41574 "EHLO tservice.net.ru"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753630AbYKUPIx (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Fri, 21 Nov 2008 10:08:53 -0500
Date: Fri, 21 Nov 2008 18:08:51 +0300
From: Evgeniy Polyakov <zbr@ioremap.net>
To: Pavel Machek <pavel@suse.cz>
Cc: Robert Love <rlove@rlove.org>, mtk.manpages@gmail.com,
       linux-api@vger.kernel.org, linux-kernel@vger.kernel.org,
       Andrew Morton <akpm@linux-foundation.org>,
       Christoph Hellwig <hch@lst.de>
Subject: Re: [take 3] Use pid in inotify events.
Message-ID: <20081121150851.GA15789@ioremap.net>
References: <acdcfe7e0811081035l56eedf05x8b3b7ee2fc01eee6@mail.gmail.com> <20081116232450.GA13547@ioremap.net> <cfd18e0f0811170859w1d3f903ej1d5626f2d2bf4496@mail.gmail.com> <20081117171508.GA564@ioremap.net> <cfd18e0f0811170923q6b72bd0fn9d319bbceb8fa6a@mail.gmail.com> <20081117175212.GA2224@ioremap.net> <20081120130902.GA1408@ucw.cz> <20081121140325.GA12384@ioremap.net> <acdcfe7e0811210630s65404ef5pf2b94731c2a872e1@mail.gmail.com> <20081121145709.GC1554@ucw.cz>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20081121145709.GC1554@ucw.cz>
User-Agent: Mutt/1.5.13 (2006-08-11)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 937
Lines: 22

On Fri, Nov 21, 2008 at 03:57:09PM +0100, Pavel Machek (pavel@suse.cz) wrote:
> > John & I intentionally did not add the pid field when writing inotify
> > for reasons of security and questionable need. It also stinks to have
> > to add a pid field to the event structure if that field is seldom
> > used.
> 
> ...plus the permission check was quite strange. We don't normally try
> to hide PIDs, and 'equal uid' is very non-standard test. can_ptrace()
> is normally used for such stuff...

That's what Reobert suggested as a security measure. Expect this
decision will not be described in details, why it is good or bad.

I'm prefectly fine without this check either.

-- 
	Evgeniy Polyakov
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/