Reporting pids to unprivileged processes with fanotify events

Hello,

Amir is working on exposing part of fanotify functionality (fanotify is
a filesystem notification events framework) to unprivileged processes
(currently fanotify is restricted to CAP_SYS_ADMIN only). The initial plan
is to expose the functionality already provided by inotify and then expand
on that. Now there's one thing I was wondering about: Fanotify reports PID
of the process that caused the filesystem event (open, read, write, ...)
together with the event. Is this information safe to be exposed to
an unprivileged process as well? I'd say PID of a process doing IO is not
very sensitive information but OTOH I don't know of a way how it could be
obtained currently by an unprivileged user so maybe it could be misused in
some way. Any opinions on that? Thanks for ideas.

								Honza
-- 
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR
