Re: [RFC PATCH] Implement /proc/pid/kill

From: Oleg Nesterov
Date: Wed Oct 31 2018 - 08:44:42 EST

Next message: Andy Shevchenko: "Re: [PATCH V4 1/5] pvpanic: move pvpanic to misc as common driver"
Previous message: Arnaldo Carvalho de Melo: "Re: [PATCH RFC] hist lookups"
In reply to: Eric W. Biederman: "Re: [RFC PATCH] Implement /proc/pid/kill"
Next in thread: Daniel Colascione: "Re: [RFC PATCH] Implement /proc/pid/kill"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/30, Eric W. Biederman wrote:
>
> At a bare minimum you need to perform the permission check using the
> credentials of the opener of the file. Which means refactoring
> kill_pid so that you can perform the permission check for killing the
> application during open.

perhaps it would be simpler to do

my_cred = override_creds(file->f_cred);
kill_pid(...);
revert_creds(my_cred);

?

> But overall this looks quite reasaonble.

Agreed.

Oleg.

Next message: Andy Shevchenko: "Re: [PATCH V4 1/5] pvpanic: move pvpanic to misc as common driver"
Previous message: Arnaldo Carvalho de Melo: "Re: [PATCH RFC] hist lookups"
In reply to: Eric W. Biederman: "Re: [RFC PATCH] Implement /proc/pid/kill"
Next in thread: Daniel Colascione: "Re: [RFC PATCH] Implement /proc/pid/kill"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]