Re: [PATCH] proc: Allow restricting permissions in /proc/sys

[Topi Miettinen]

On 13.11.2019 16.52, Eric W. Biederman wrote:
> Kees Cook <keescook@xxxxxxxxxxxx> writes:
>
> > Ah! I see the v2 here now. :) Can you please include that in your
> > Subject next time, as "[PATCH v2] proc: Allow restricting permissions
> > in /proc/sys"? Also, can you adjust your MUA to not send a duplicate
> > attachment? The patch inline is fine.
> >
> > Please CC akpm as well, since I think this should likely go through the
> > -mm tree.
> >
> > Eric, do you have any other thoughts on this?
>
> This works seems to be a cousin of having a proc that is safe for
> containers.
>
> Which leads to the whole mess that hide_pid is broken in proc last I
> looked.
>
> So my sense is that what we want to do is not allow changing the
> permissions but to sort through what it will take to provide actual
> mount options to proc (that are per mount).  Thus removing the sharing
> that is (currently?) breaking the hide_pid option.
>
> With such an infrastructure in place we can provide a mount option
> (possibly default on when mounted by non-root) that keeps anything that
> unprivileged users don't need out of proc.  Which is likely to be most
> things except the pid files.
>
> It is something I probably should be working on, but I got derailed
> by the disaster that has that happened with mounting.    Even after
> I gave code review and showed them how to avoid it the new mount api
> is still not possible to use safely.

Are you perhaps referring to proc modernization patch set:

https://lkml.org/lkml/2018/5/11/155

Getting that reviewed and committed would be awesome!

-Topi