On Fri, 2016-06-17 at 08:56 +0300, Alexander Shishkin wrote:
> Ben Hutchings <ben@xxxxxxxxxxxxxxx> writes:
>
> > When kernel.perf_event_open is set to 3 (or greater), disallow all
> > access to performance events by users without CAP_SYS_ADMIN.
> > Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
> > makes this value the default.
>
> So this patch does two things, can it then be made into two patches?

It could.

> > This is based on a similar feature in grsecurity
> > (CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making
> > the variable read-only. It also allows enabling further restriction
> > at run-time regardless of whether the default is changed.
>
> This paragraph doesn't seem to belong in the commit message.

I'm giving credit where credit is due.

> What this commit message is missing entirely is the rationale behind
> this change other than "grsecurity does the same". Can you please
> elaborate?

It allows disabling a facility which in many systems is not needed and
is only a security risk.

> > Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
> > ---
> > I made a similar change to Debian's kernel packages in August,
> > including the more restrictive default, and no-one has complained yet.
>
> As a debian user, is this a good place to complain? Because it does get
> in the way.

OK, then you're the first one. And you know how to change this, don't
you?

Ben.

--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
- Albert Camus