> Anyway, no need to add prctl(), if A can ptrace B and B can ptrace A, > leaking info between them should not be a big deal. You can probably > find existing macros doing neccessary checks. Until one of them is security managed so it shouldn't be able to ptrace the other, or (and this is the nasty one) when a process is executing code it wants to protect from the rest of the same process (eg an untrusted jvm, javascript or probably nastiest of all webassembly) We don't need a prctl for trusted/untrusted IMHO but we do eventually need to think about API's for "this lot is me but I don't trust it" (flatpack, docker, etc) and for what JIT engines need to do. Alan -- To unsubscribe from this list: send the line "unsubscribe linux-s390" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
