Re: [RFC PATCH] proc: making "limits" world readable

From: Jiri Olsa
Date: Fri Sep 24 2010 - 06:56:51 EST


On Thu, Sep 23, 2010 at 02:56:42PM -0700, Andrew Morton wrote:
> On Tue, 21 Sep 2010 11:10:55 +0200
> Jiri Olsa <jolsa@xxxxxxxxxx> wrote:
>
> > hi,
> >
> > I'd like to have the /proc/<pid>/limits file world readable,
>
> Why?
>

having this will ease the task of system management for large install
bases and where root privileges might be restricted

jirka

> > but I'm not sure this could cause some security issue.. thoughts?
> >
> > The "limit" file was as a debug feature by following commit:
> > - proc: export a processes resource limits via /proc/pid
> > commit d85f50d5e1aa99ab082035f94265847521819e58
> > Author: Neil Horman <nhorman@xxxxxxxxxxxxx>
> >
> >
> > thanks for any ideas,
> > jirka
> > ---
> > fs/proc/base.c | 4 ++--
> > 1 files changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/fs/proc/base.c b/fs/proc/base.c
> > index a1c43e7..8e4adda 100644
> > --- a/fs/proc/base.c
> > +++ b/fs/proc/base.c
> > @@ -2675,7 +2675,7 @@ static const struct pid_entry tgid_base_stuff[] = {
> > INF("auxv", S_IRUSR, proc_pid_auxv),
> > ONE("status", S_IRUGO, proc_pid_status),
> > ONE("personality", S_IRUSR, proc_pid_personality),
> > - INF("limits", S_IRUSR, proc_pid_limits),
> > + INF("limits", S_IRUGO, proc_pid_limits),
> > #ifdef CONFIG_SCHED_DEBUG
> > REG("sched", S_IRUGO|S_IWUSR, proc_pid_sched_operations),
> > #endif
> > @@ -3011,7 +3011,7 @@ static const struct pid_entry tid_base_stuff[] = {
> > INF("auxv", S_IRUSR, proc_pid_auxv),
> > ONE("status", S_IRUGO, proc_pid_status),
> > ONE("personality", S_IRUSR, proc_pid_personality),
> > - INF("limits", S_IRUSR, proc_pid_limits),
> > + INF("limits", S_IRUGO, proc_pid_limits),
> > #ifdef CONFIG_SCHED_DEBUG
> > REG("sched", S_IRUGO|S_IWUSR, proc_pid_sched_operations),
> > #endif
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/