On Fri, 2016-06-17 at 08:56 +0300, Alexander Shishkin wrote:
> Ben Hutchings writes:
>
> > When kernel.perf_event_open is set to 3 (or greater), disallow all
> > access to performance events by users without CAP_SYS_ADMIN.
> > Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
> > makes this value the default.
>
> So this patch does two things, can it then be made into two patches?

It could.

> > This is based on a similar feature in grsecurity
> > (CONFIG_GRKERNSEC_PERF_HARDEN).  This version doesn't include making
> > the variable read-only.  It also allows enabling further restriction
> > at run-time regardless of whether the default is changed.
>
> This paragraph doesn't seem to belong in the commit message.

I'm giving credit where credit is due.

> What this commit message is missing entirely is the rationale behind
> this change other than "grsecurity does the same". Can you please
> elaborate?

It allows disabling a facility which in many systems is not needed and
is only a security risk.

> > Signed-off-by: Ben Hutchings
> > ---
> > I made a similar change to Debian's kernel packages in August,
> > including the more restrictive default, and no-one has complained yet.
>
> As a debian user, is this a good place to complain? Because it does get
> in the way.

OK, then you're the first one.  And you know how to change this, don't
you?

Ben.

-- 
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
                                                              - Albert Camus