Hello, On Tue, Sep 20, 2016 at 12:49:13AM +0200, Mickaël Salaün wrote: > Add security access check for cgroup backed FD. The "cgroup.procs" file > of the corresponding cgroup should be readable to identify the cgroup, > and writable to prove that the current process can manage this cgroup > (e.g. through delegation). This is similar to the check done by > cgroup_procs_write_permission(). Can you please explain why this change is beneficial? Thanks. -- tejun -- To unsubscribe from this list: send the line "unsubscribe cgroups" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
