On Tue, Jan 19, 2021 at 9:02 PM James Morris <jmorris@xxxxxxxxx> wrote: > > On Mon, 11 Jan 2021, Suren Baghdasaryan wrote: > > > Replace PTRACE_MODE_ATTACH with a combination of PTRACE_MODE_READ > > and CAP_SYS_NICE. PTRACE_MODE_READ to prevent leaking ASLR metadata > > and CAP_SYS_NICE for influencing process performance. > > > Almost missed these -- please cc the LSM mailing list when modifying > capabilities or other LSM-related things. Thanks for the note. Will definitely include it when sending the next version. > > -- > James Morris > <jmorris@xxxxxxxxx> > > -- > To unsubscribe from this group and stop receiving emails from it, send an email to kernel-team+unsubscribe@xxxxxxxxxxx. >
