[PATCH bpf-next] bpf, capabilities: introduce CAP_BPF
Alexei Starovoitov
alexei.starovoitov at gmail.com
Thu Aug 29 17:19:24 UTC 2019
On Thu, Aug 29, 2019 at 09:34:34AM -0400, Steven Rostedt wrote:
>
> As the above seems to favor the idea of CAP_TRACING allowing write
> access to tracefs, should we have a CAP_TRACING_RO for just read access
> and limited perf abilities?
read only vs writeable is an attribute of the file system.
Bringing such things into caps seem wrong to me.
More information about the Linux-security-module-archive
mailing list