Commit 1a51410a authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Make TASKSTATS require root access 



Ok, this isn't optimal, since it means that 'iotop' needs admin
capabilities, and we may have to work on this some more.  But at the
same time it is very much not acceptable to let anybody just read
anybody elses IO statistics quite at this level.

Use of the GENL_ADMIN_PERM suggested by Johannes Berg as an alternative
to checking the capabilities by hand.

Reported-by: default avatarVasiliy Kulikov <segoon@openwall.com>
Cc: Johannes Berg <johannes.berg@intel.com>
Acked-by: default avatarBalbir Singh <bsingharora@gmail.com>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent b6a68a5b

kernel/taskstats.c

+1 −0
Original line number Diff line number Diff line
@@ -655,6 +655,7 @@ static struct genl_ops taskstats_ops = { 
	.cmd		= TASKSTATS_CMD_GET,

	.doit		= taskstats_user_cmd,

	.policy		= taskstats_cmd_get_policy,

	.flags		= GENL_ADMIN_PERM,

};



static struct genl_ops cgroupstats_ops = {

CRA Git | Maintained and supported by SUSTech CRA and CCSE