On Tue, Jul 16, 2019 at 05:01:26PM +0000, Lubashev, Igor wrote: > I could add another patch to the series for that. Any suggestion for what > capability to check for here?
it's: if (geteuid() != 0) { pr_err("ftrace only works for root!\n"); return -1 } so I think check for CAP_SYS_ADMIN should be fine in here jirka > > (There is always an alternative to not check for anything and let the kernel > refuse to perform actions that the user does not have permissions to perform.) > > - Igor > > -----Original Message----- > From: Jiri Olsa <jo...@redhat.com> > Sent: Tuesday, July 16, 2019 4:48 AM > Subject: Re: [PATCH 2/3] perf: Use CAP_SYS_ADMIN with perf_event_paranoid > checks > > On Tue, Jul 02, 2019 at 08:10:04PM -0400, Igor Lubashev wrote: > > The kernel is using CAP_SYS_ADMIN instead of euid==0 to override > > perf_event_paranoid check. Make perf do the same. > > I see another geteuid check in __cmd_ftrace, > perhaps we should cover this one as well > > jirka