Re: [RFC PATCH 3/3a] ptrace: add _ptrace_may_access()
From: Ingo Molnar
Date: Thu May 07 2009 - 05:35:02 EST
* Ingo Molnar <mingo@xxxxxxx> wrote:
> The design around that code does not seem to be very consistent.
>
> One solution would be for the default "plain Linux" security
> module to have a stock ->ptrace_access_check() that does the
> current ptrace_may_access() check, and then procfs could be
> updated to use that callback - instead of calling into the ptrace
> core code directly.
hm, that's not a good idea, as we'd have an unnecessary indirect
call even in the common case where the higher-level ptrace checks
deny a request via -EPERM early on already.
So it's all designed fine and what we need is the rename plus the
elimination of the bool.
Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/