Secondary process access control mechanism

Bruce Richardson bruce.richardson at intel.com
Mon Jul 14 11:03:34 CEST 2025

Previous message (by thread): Secondary process access control mechanism
Next message (by thread): [PATCH] examples/flow_filtering: add re-route to kernel snippet
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 09, 2025 at 08:02:30PM +0200, Morten Brørup wrote:
> Are there any access control mechanisms to govern what a secondary process can do to a primary process?
> 
> Let's say I'm running a primary process, and want to allow only authorized secondary processes to attach to it. No unauthorized secondary processes should be able to attach to it.
> 
> I assume there is no fine grained control over which features various secondary processes can access.
> 
Nope, no fine grained control. The only control that we have is that
governed by the unix access permissions on the process and the runtime
directory. Any secondary process run by the user of the primary process
will have full access to the primary process. AFAIK: other users on the system
should not have any access, unless permissions are set appropriately by the
primary user. [However, I suspect this is not something we ever test!]

/Bruce

Previous message (by thread): Secondary process access control mechanism
Next message (by thread): [PATCH] examples/flow_filtering: add re-route to kernel snippet
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list