On Wednesday, March 9th, 2022 at 11:24, Christian König <ckoenig.leichtzumerken@xxxxxxxxx> wrote: > Am 09.03.22 um 11:10 schrieb Simon Ser: > > On Wednesday, March 9th, 2022 at 10:56, Pierre-Eric Pelloux-Prayer <pierre-eric.pelloux-prayer@xxxxxxx> wrote: > > > >> Would it be possible to include the app parameters as well? > > Can all processes read sysfs events? > > No, but application parameters are usually not secret. It's a bad practice, yes. But people still do it. > > There might be security implications here. The app parameters might > > contain sensitive information, like passwords or tokens. > > It's a well known security vulnerably to provide password etc.. as > application parameter since everybody can read them through procfs. I was thinking mostly about Flatpak apps here. Flatpak apps are running in a process namespace so they can't query the CLI parameters of PIDs outside of the namespace. But they might still receive sysfs uevents.
