-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Tue, 2018-10-02 at 23:08 +0200, Yves-Alexis Perez wrote: > On Tue, 2018-10-02 at 13:52 -0700, Matthew Wilcox wrote: > > On Tue, Oct 02, 2018 at 10:47:23PM +0200, Yves-Alexis Perez wrote: > > > Current phrasing is ambiguous since it's unclear if attaching to a > > > children through PTRACE_TRACEME requires CAP_SYS_PTRACE. Rephrase the > > > sentence to make that clear. > > > > I disagree that your sentence makes that clear. How about: > > > > > 2 - admin-only attach: > > > - only processes with ``CAP_SYS_PTRACE`` may use ptrace > > > - with ``PTRACE_ATTACH``, or through children calling > > > ``PTRACE_TRACEME``. > > > + only processes with ``CAP_SYS_PTRACE`` may use ptrace, either with > > > + ``PTRACE_ATTACH`` or through children calling ``PTRACE_TRACEME``. > > > > + only processes with ``CAP_SYS_PTRACE`` may use ptrace. This > > + restricts both ``PTRACE_ATTACH`` and ``PTRACE_TRACEME``. > > Hi Matthew, > > I'm no native speaker, both versions are fine by me but I liked keeping the > “children calling” part since the semantics are quite different for > PTRACE_ATTACH and PTRACE_TRACEME. > Hi Kees, Matthew, so what's the status on this? Who needs to acknowledge one wording or another? Regards, - -- Yves-Alexis -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlu5ydIACgkQ3rYcyPpX RFt7oAgAued/FsFiGvk6U/RG3JEj5p5aRu6harAXqK/Mw8n1gEu0nGvZvFJn31eY fcU8quTtbmiNR2oYrAxjri2dhVd2JLsKDZU1bhpcKk33jDOzhUjeKnJgLGY38Z01 5idfKSy0CEZ0FvYvpt7gOm3loFlbM0au9JgFszVwFM8Yartr5vH1mPlZUwGbrroH RORqAkwVI+g8iK1vqq9fdCf9J5mwcYu0DR8STvP8Nx12zEDNeiCShvXDNNt5VKg3 BHVNPHvE8uKaZmlyYt1oy9ZKjjcHn6veVkKEKFRz/TVc+q/Z7G1cORzVb7GzIPGj 9GoIZP2+Wi+7KUqUYQnHZSfujd5BzQ== =jfBM -----END PGP SIGNATURE-----
