Hello Otto, On 22 August 2017 at 10:14, Otto Ebeling <oebeling@xxxxxxxxxxxxxxxxxxxx> wrote: > Hi, > >> >> To move pages in another process requires the following privi‐ >> leges: >> >> * In kernels up to and including Linux 4.12: the caller must be >> privileged (CAP_SYS_NICE) or the real or effective user ID of >> the calling process must match the real or saved-set user ID of >> the target process. >> >> * The older rules allowed the caller to discover various virtual >> address choices made by the kernel that could lead to the >> defeat of address-space-layout randomization for a process >> owned by the same UID as the caller, the rules were changed >> starting with Linux 4.13. Since Linux 4.13, permission is gov‐ >> erned by a ptrace access mode PTRACE_MODE_READ_REALCREDS check >> with respect to the target process; see ptrace(2). >> >> Look okay? > > > Thanks for fixing that up, makes sense to document the historical behavior! > Regarding the references to "Linux 4.13", I wanted to point out I got emails > that indicate the patch was/will be merged to "3.18-stable tree, 4.12-stable > tree, 4.4-stable tree, 4.9-stable". See e.g. > https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/?id=b52c5821b05b33af36b77ba5cfee54818828508f > > Not sure how to word this in a man page - maybe something like "4.13, and > updated versions of 3.18, 4.12, 4.4, and 4.9". What do you think? The cross-product if individual patches that hit stable and the various stable versions is just too complex too track in man pages, so I do not even try... Cheers, Michael -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Linux/UNIX System Programming Training: http://man7.org/training/ -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
