
taskstats capability check in stable



This change is likely to be included in 2.6.32.y and, by default, in our
next stable point release.  As Linus says, this means that unprivileged
accounts won't be able to run iotop, but this is probably correct
behaviour.

It appears that older versions of iotop do not report this error in a
helpful way (#644616).  So I think that if we apply this change to the
kernel then iotop should also be updated in stable.

Ben.

-------- Forwarded Message --------
From: gregkh@suse.de
To: torvalds@linux-foundation.org, bsingharora@gmail.com, gregkh@suse.de, jmm@inutil.org, johannes.berg@intel.com, segoon@openwall.com
Cc: stable@vger.kernel.org, stable-commits@vger.kernel.org
Subject: Patch "Make TASKSTATS require root access" has been added to the 2.6.32-longterm tree
Date: Tue, 13 Dec 2011 14:10:52 -0800

This is a note to let you know that I've just added the patch titled

    Make TASKSTATS require root access

to the 2.6.32-longterm tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/longterm/longterm-queue-2.6.32.git;a=summary

The filename of the patch is:
     make-taskstats-require-root-access.patch
and it can be found in the queue-2.6.32 subdirectory.

If you, or anyone else, feels it should not be added to the 2.6.32 longterm tree,
please let <stable@vger.kernel.org> know about it.


From 1a51410abe7d0ee4b1d112780f46df87d3621043 Mon Sep 17 00:00:00 2001
From: Linus Torvalds <torvalds@linux-foundation.org>
Date: Mon, 19 Sep 2011 17:04:37 -0700
Subject: Make TASKSTATS require root access

From: Linus Torvalds <torvalds@linux-foundation.org>

commit 1a51410abe7d0ee4b1d112780f46df87d3621043 upstream.

Ok, this isn't optimal, since it means that 'iotop' needs admin
capabilities, and we may have to work on this some more.  But at the
same time it is very much not acceptable to let anybody just read
anybody else's IO statistics quite at this level.

Use of the GENL_ADMIN_PERM suggested by Johannes Berg as an alternative
to checking the capabilities by hand.

Reported-by: Vasiliy Kulikov <segoon@openwall.com>
Cc: Johannes Berg <johannes.berg@intel.com>
Acked-by: Balbir Singh <bsingharora@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Moritz Mühlenhoff <jmm@inutil.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

---
 kernel/taskstats.c |    1 +
 1 file changed, 1 insertion(+)

--- a/kernel/taskstats.c
+++ b/kernel/taskstats.c
@@ -592,6 +592,7 @@ static struct genl_ops taskstats_ops = {
 	.cmd		= TASKSTATS_CMD_GET,
 	.doit		= taskstats_user_cmd,
 	.policy		= taskstats_cmd_get_policy,
+	.flags		= GENL_ADMIN_PERM,
 };
 
 static struct genl_ops cgroupstats_ops = {
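Review bot: The added `.flags = GENL_ADMIN_PERM,` line in taskstats_ops carries no comment saying why TASKSTATS_CMD_GET is restricted, and the cgroupstats_ops definition that starts in the trailing context is not touched by this hunk. Suggest a one-line comment above the flag noting that per-task IO statistics must not be readable by arbitrary users, and a sentence in the changelog saying whether cgroupstats_ops is intentionally left without the flag. Because this changes behaviour for unprivileged callers such as iotop, the changelog could also state which error those callers now receive so that userspace can report it clearly.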


Patches currently in longterm-queue-2.6.32 which might be from torvalds@linux-foundation.org are

/home/gregkh/linux/longterm/longterm-queue-2.6.32/queue-2.6.32/linux-log2.h-fix-rounddown_pow_of_two-1.patch
/home/gregkh/linux/longterm/longterm-queue-2.6.32/queue-2.6.32/hfs-fix-hfs_find_init-sb-ext_tree-null-ptr-oops.patch
/home/gregkh/linux/longterm/longterm-queue-2.6.32/queue-2.6.32/make-taskstats-require-root-access.patch


-- 
Ben Hutchings
Computers are not intelligent.	They only think they are.
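
A userspace tool can turn the refusal described above into a clear message instead of an opaque failure. The sketch below is an added example, not code from iotop or from the kernel patch; it assumes that generic netlink enforces GENL_ADMIN_PERM as a CAP_NET_ADMIN check and fails the request with EPERM. The function names are hypothetical and the sample /proc status text is constructed.

```python
import errno
import os

CAP_NET_ADMIN = 12  # capability bit index from <linux/capability.h>


def effective_caps(status_text):
    """Return the CapEff bitmask parsed from the text of /proc/<pid>/status."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            return int(line.split()[1], 16)
    raise ValueError("no CapEff line in status text")


def can_query_taskstats(status_text):
    """True if the process holds the capability assumed to back GENL_ADMIN_PERM."""
    return bool((effective_caps(status_text) >> CAP_NET_ADMIN) & 1)


def explain_taskstats_error(err, status_text):
    """Map an errno from a TASKSTATS_CMD_GET request to a user-facing message."""
    if err == errno.EPERM and not can_query_taskstats(status_text):
        return ("taskstats request denied: the kernel restricts "
                "TASKSTATS_CMD_GET to callers with CAP_NET_ADMIN; "
                "run this tool as root")
    return "taskstats request failed: " + os.strerror(err)


# Constructed samples of /proc/<pid>/status content (not captured output).
UNPRIVILEGED = ("Name:\tiotop\nUid:\t1000\t1000\t1000\t1000\n"
                "CapEff:\t0000000000000000\n")
ROOT = ("Name:\tiotop\nUid:\t0\t0\t0\t0\n"
        "CapEff:\t0000003fffffffff\n")

if __name__ == "__main__":
    # Preflight check against the running process before opening the socket.
    with open("/proc/self/status") as f:
        own_status = f.read()
    if can_query_taskstats(own_status):
        print("CAP_NET_ADMIN present: taskstats queries should be permitted")
    else:
        print(explain_taskstats_error(errno.EPERM, own_status))
```

Checking CapEff rather than the UID keeps the message accurate for processes that hold the capability without being UID 0.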
