Why not make it mode 440, and have a mount option for the proc
filesystem that gives which gid certain sensitive files should have.
The openwall security patch does this (with a few further restrictions
to the permissions of certain /proc files) and I like it a lot.
-- Frank v Waveren Fingerprint: 21A7 C7F3 fvw@[var.cx|stack.nl|chello.nl] ICQ#10074100 1FF3 47FF 545C CB53 Public key: hkp://wwwkeys.pgp.net/fvw@var.cx 7BD9 09C0 3AC1 6DF2 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/