On Wed, Apr 16, 2014 at 11:13:31AM -0700, Andy Lutomirski wrote: [..] > > Ok, so passing cgroup information is not necessarily a problem as long > > as it is not used for authentication. So say somebody is just logging > > all the client request and which cgroup client was in, that should not > > be a problem. > > Do you consider correct attribution of logging messages to be > important? If so, then this is a kind of authentication, albeit one > where the impact of screwing it up is a bit lower. So not passing cgroup information makes attribution more correct. Just logging of information is authentication how? Both kernel and user space log message into /var/log/messages and kernel messages are prefixed with "kernel". So this somehow becomes are sort of authentication. I don't get it. > > > > > I agree that before somebody uses cgroup information for authentication > > purposes, may be there needs to be a bigger debate whether this info > > can be used safely for authentication purposes or not and in what > > circumstances it is safe to use for authentication. > > I thought that the original intended user of these patches was SSSD. > I have no idea what SSSD wanted them for, but I think it may better. SSSD wanted to use this information too. And I think this is a good time to revisit and discuss can cgroup information be used safely for authentication or not. > > > > > But that does not mean that API to pass the cgroup information around is > > wrong. > > > > It may not be wrong, but it might be extremely difficult or impossible > to use it safely. I think that's something to avoid. Atleast I can't see a problem with logging example yet. Thanks Vivek -- To unsubscribe from this list: send the line "unsubscribe cgroups" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
