On Mon, Aug 29, 2016 at 11:28:47AM -0700, John Stultz wrote: > On Mon, Aug 22, 2016 at 4:01 PM, John Stultz <john.stu...@linaro.org> wrote: > > In changing from checking ptrace_may_access(p, PTRACE_MODE_ATTACH_FSCREDS) > > to capable(CAP_SYS_NICE), I missed that ptrace_my_access succeeds > > when p == current, but the CAP_SYS_NICE doesn't. > > > > Thus while the previous commit was intended to loosen the needed > > privledges to modify a processes timerslack, it needlessly restricted > > a task modifying its own timerslack via the proc/<tid>/timerslack_ns > > (which is permitted also via the PR_SET_TIMERSLACK method). > > > > This patch corrects this by checking if p == current before checking > > the CAP_SYS_NICE value. > > > > This patch applies on top of my two previous patches currently in -mm > > Ping? Any feedback or comments on this one?
(sorry - no objection from me on this patch, thanks)
