On 10/21/22 14:37, Alejandro Colomar wrote:
On 10/19/22 01:50, Zach OKeefe wrote:From: Zach O'Keefe <zokeefe@xxxxxxxxxx> The initial commit of process_madvise(2) to man-pages project included an error, indicating that CAP_SYS_ADMIN capability was required when, in fact, CAP_SYS_NICE was the required capability. The initial commit of process_madvise(2) to Linux, commit ecb8ac8b1f14 ("mm/madvise: introduce process_madvise() syscall: an external memory hinting API"), relied on PTRACE_MODE_ATTACH_FSCREDS (see ptrace(2)), but was amended by commit 96cfe2c0fd23 ("mm/madvise: replace ptrace attach requirement for process_madvise") which replaced this with a combination of PTRACE_MODE_READ and CAP_SYS_NICE (PTRACE_MODE_READ to prevent leaking ASLR metadata and CAP_SYS_NICE for influencing process performance).
[...]
If I understand the paragraph above, from 5.10 to 5.12 the capability required was CAP_SYS_ADMIN?
Or was it CAP_SYS_PTRACE? -- <http://www.alejandro-colomar.es/>
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
