[PATCH v5 07/10] powerpc/perf: open access for CAP_PERFMON privileged process
Anju T Sudhakar
anju at linux.vnet.ibm.com
Wed Jan 22 11:02:00 UTC 2020
On 1/20/20 5:00 PM, Alexey Budankov wrote:
> Open access to monitoring for CAP_PERFMON privileged processes.
> For backward compatibility reasons access to the monitoring remains
> open for CAP_SYS_ADMIN privileged processes but CAP_SYS_ADMIN usage
> for secure monitoring is discouraged with respect to CAP_PERFMON
> capability. Providing the access under CAP_PERFMON capability singly,
> without the rest of CAP_SYS_ADMIN credentials, excludes chances to
> misuse the credentials and makes the operations more secure.
>
> Signed-off-by: Alexey Budankov<alexey.budankov at linux.intel.com>
> ---
Acked-by: Anju T Sudhakar<anju at linux.vnet.ibm.com>
More information about the Linux-security-module-archive
mailing list