Re: [1/1][PATCH] nproc v2: netlink access to /proc information

From: William Lee Irwin III
Date: Tue Sep 14 2004 - 14:45:26 EST


On Tue, 14 Sep 2004 12:07:47 -0700, William Lee Irwin III wrote:
>> Okay, so what kinds of errors are returned in this case, if any, or
>> (worst case) are the offending tasks completely silently dropped?

On Tue, Sep 14, 2004 at 09:31:39PM +0200, Roger Luethi wrote:
> In published code: No access control whatsoever. In dev tree: Silently
> dropped. Possible: Any kind of error and additional information that
> makes sense (we have netlink messages as a transport, after all).

I'm not sure what to make of this.


On Tue, Sep 14, 2004 at 09:31:39PM +0200, Roger Luethi wrote:
> That said, I don't think dropping tasks silently is a "worst case"
> in this scenario. Whatever your error report is going to be, it will
> boil down to saying "some tasks that may or may not live by the time
> you read this have been skipped because some fields that you knew had
> access restrictions prevented providing the information in those cases,
> and I must be cautious about not revealing any sensitive information
> to you so sorry I can't be more helpful". What's a tool going to do
> with that? If it cares to get a complete snapshot, it can simply send
> two requests: One with and one without restricted fields.
> So the tool would, say, request PID/VmSize in the first message and
> environ in the second message. Since only the owner can read the
> environment, the second request would yield answers only for a subset
> of the total process table.

This sounds safe enough, though it's unclear how to predict what fields
may be restricted. I suppose one doesn't try and requests one field at
a time for all tasks in this model of interaction with userspace.


-- wli
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/