Re: [rfc] fcntl: Add F_GETOWNER_UIDS option
From: Cyrill Gorcunov
Date: Fri Mar 30 2012 - 15:56:57 EST
On Fri, Mar 30, 2012 at 12:46:51PM -0700, Kees Cook wrote:
> >> I meant the dumper. Yes, at moment f_get/setown requires no privileges
> >> but I'm not sure if uid/euid is same or less sensible information
> >> than pid, that's why I though CAP_FOWNER might be worth to add, no?
> > Hmm, I would say no, but that might be a good question for kees.
> > IMO it's not sensitive information and so no sense requiring privilege
> > (and encouraging handing out of extra privilage to get at the info)
> Nothing jumps out at me about just seeing uid/euid. Everything can be
> construed as an information leak, but this don't seem like something
> that needs special protection.
OK, thanks Kees.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/