On Sun, Aug 28, 2011 at 01:03:14PM -0700, Jeff Rizzo wrote: > > I don't pretend to understand the security ramifications regarding > processor affinity; I do wonder, however, whether it warrants > requiring elevated privilege (and possible exposure via other code > in the process which doesn't require root for normal operation) to > prevent allowing users to pin their own code to a particular cpu by > default. Are we sure we've made the right (default) tradeoff here?
I am pretty sure. It makes resource consumption attacks easier and it is not hard to see how to use it to make timing attacks against cryptographic code in other processes _much_ easier.