On Tue, Apr 12, 2005 at 01:29:35AM -0400, Albert Cahalan wrote:
> If you really can't allow access based on tty, then at least allow
> access if any UID value matches any UID value. Without this, a user
> can not always see a setuid program they are running.
Yes, that's a bug. Below is a new vers
On Sun, 2005-04-10 at 17:38 +0200, Rene Scharfe wrote:
> Albert, allowing access based on tty sounds nice, but it _is_ expansive.
> More importantly, perhaps, it would "virtualize" /proc: every user would
> see different permissions for certain files in there. That's too comlex
> for my taste.
I
Bodo Eggert schrieb:
> On Sun, 10 Apr 2005, Rene Scharfe wrote:
>
>
>>First, configuring via kernel parameters is sufficient.
>
>
> I don't remember: Would a mount option be equally easy to implement?
> (Kernel parameters are OK for me, too.)
A mount option for procfs would be changable at rem
On Sun, 10 Apr 2005, Rene Scharfe wrote:
> First, configuring via kernel parameters is sufficient.
I don't remember: Would a mount option be equally easy to implement?
(Kernel parameters are OK for me, too.)
> I have another idea: let's keep the details of _every_ process owned by
> user root re
Hi all,
sorry it took me so long before offering another patch for restricting
/proc permissions. Real life kept on intervening.
Albert, allowing access based on tty sounds nice, but it _is_ expansive.
More importantly, perhaps, it would "virtualize" /proc: every user would
see different permiss
5 matches
Mail list logo
