Re: [PATCH] Hotplug CPU prep II: CLONE_IDLETASK

Linus Torvalds (torvalds@transmeta.com)
Thu, 9 May 2002 09:02:45 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Marc-Christian Petersen: "Strange problem with param.h/time.h/timex.h"
Previous message: Joaquin Rapela: "Re: es1371 sound problem"
In reply to: Rusty Russell: "[PATCH] Hotplug CPU prep II: CLONE_IDLETASK"

On Thu, 9 May 2002, Rusty Russell wrote:
>
> This changes CLONE_PID ("if my pid is 0, copy it") to CLONE_IDLETASK
> ("if I have CAP_SYS_MODULE, set child's pid to zero").

The "CAP_SYS_MODULE" thing needs to change, I think.

We simply cannot allow user-space to do this AT ALL, even root by mistake.

Sure, root can do other damage, but we should never allow root to do
things that simply cannot make sense from an internal consistency
standpoint.

Suggested approach:
- remove the CAP_SYS_MODULE etc checking altogether
- make sys_clone() just always mask that bit off.

Ok?

Linus

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Marc-Christian Petersen: "Strange problem with param.h/time.h/timex.h"
Previous message: Joaquin Rapela: "Re: es1371 sound problem"
In reply to: Rusty Russell: "[PATCH] Hotplug CPU prep II: CLONE_IDLETASK"