Hi, On Wed, Sep 07, 2011 at 02:33 +0900, Tejun Heo wrote: > On Tue, Sep 06, 2011 at 09:29:52PM +0400, Vasiliy Kulikov wrote: > > I agree with you. I don't think that showing system-global debug > > information to all users by default is the right thing. But some people > > doesn't agree with this point of view: > > > > http://thread.gmane.org/gmane.linux.kernel/1108378 > > Yeap, I know there are two sides of the discussion but if one takes > the position that hiding such global debug info is more harmful, it's > only crazier to hide such information from each individual users of > the said global facility. So, let's just forget about information > leak via freeing or not freeing here. It's the wrong battle field. Andrew, are you OK with closing the hole with pid_no_revalidate() and 0600 /proc/slabinfo? If so, I feel I have to start this discussion with people participating in the discussion above: Theodore, Dan, Linus, etc. Thanks, -- Vasiliy Kulikov http://www.openwall.com - bringing security into open computing environments _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
