[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-kernel
Subject:    Re: [RFC PATCH 3/3a] ptrace: add _ptrace_may_access()
From:       Ingo Molnar <mingo () elte ! hu>
Date:       2009-05-07 9:31:24
Message-ID: 20090507093124.GA355 () elte ! hu
[Download RAW message or body]


* Ingo Molnar <mingo@elte.hu> wrote:

> The design around that code does not seem to be very consistent.
> 
> One solution would be for the default "plain Linux" security 
> module to have a stock ->ptrace_access_check() that does the 
> current ptrace_may_access() check, and then procfs could be 
> updated to use that callback - instead of calling into the ptrace 
> core code directly.

hm, that's not a good idea, as we'd have an unnecessary indirect 
call even in the common case where the higher-level ptrace checks 
deny a request via -EPERM early on already.

So it's all designed fine and what we need is the rename plus the 
elimination of the bool.

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
[prev in list] [next in list] [prev in thread] [next in thread]