On Wed, 21 Nov 2018 12:14:14 +0300 Alexey Budankov <alexey.budankov@xxxxxxxxxxxxxxx> wrote: > +For the purpose of performing security checks Linux implementation splits > +processes into two categories [6]_ : a) privileged processes (whose effective > +user ID is 0, referred to as superuser or root), and b) unprivileged processes > +(whose effective UID is nonzero). Is that really what's going on here? If I understand things correctly, it's looking for CAP_SYS_PTRACE rather than a specific UID; am I missing something here? (Also, you would want "*the* Linux implementation" in the first sentence above). One other thing: > +(whose effective UID is nonzero). Privileged processes bypass all kernel > +security permission checks so perf_events performance monitoring is fully > +available to privileged processes without *access*, *scope* and *resource* > +restrictions. Could I ask for a slight toning down of the markup here? There's a lot of *emphasis* here that isn't really needed and tends to get in the way. Thanks, jon
