Hello Otto,
On 22 August 2017 at 10:14, Otto Ebeling [off-list ref] wrote:
Hi,
To move pages in another process requires the following privileges:
* In kernels up to and including Linux 4.12: the caller must be
privileged (CAP_SYS_NICE) or the real or effective user ID of
the calling process must match the real or saved-set user ID of
the target process.
* The older rules allowed the caller to discover various virtual
address choices made by the kernel that could lead to the
defeat of address-space-layout randomization for a process
owned by the same UID as the caller, the rules were changed
starting with Linux 4.13. Since Linux 4.13, permission is governed
by a ptrace access mode PTRACE_MODE_READ_REALCREDS check
with respect to the target process; see ptrace(2).
Look okay?
Thanks for fixing that up, makes sense to document the historical behavior!
Regarding the references to "Linux 4.13", I wanted to point out I got emails
that indicate the patch was/will be merged to "3.18-stable tree, 4.12-stable
tree, 4.4-stable tree, 4.9-stable". See e.g.
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/?id=b52c5821b05b33af36b77ba5cfee54818828508f
Not sure how to word this in a man page - maybe something like "4.13, and
updated versions of 3.18, 4.12, 4.4, and 4.9". What do you think?
The cross-product of individual patches that hit stable and the
various stable versions is just too complex to track in man pages, so
I do not even try...
Cheers,
Michael
--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
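
The two permission rules from the quoted man-page text, compared side by side on constructed credentials. This is an added example, not code from this thread or from the kernel; `struct creds`, `old_rule_allows` and `new_rule_allows` are hypothetical names, and the 4.13 rule follows the PTRACE_MODE_READ_REALCREDS steps in ptrace(2) with the same-thread-group shortcut, user namespaces and LSM hooks left out.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified credential model (constructed for illustration). */
struct creds {
    unsigned ruid, euid, suid;   /* real, effective, saved-set user ID */
    unsigned rgid, egid, sgid;   /* real, effective, saved-set group ID */
    bool cap_sys_nice, cap_sys_ptrace;
    bool dumpable;               /* target only: "dumpable" attribute is 1 */
};

/* Rule up to Linux 4.12, as worded in the man-page text above. */
bool old_rule_allows(const struct creds *c, const struct creds *t)
{
    if (c->cap_sys_nice)
        return true;
    return c->ruid == t->ruid || c->ruid == t->suid ||
           c->euid == t->ruid || c->euid == t->suid;
}

/* Rule since Linux 4.13: PTRACE_MODE_READ_REALCREDS, following ptrace(2).
 * Omitted here: same-thread-group shortcut, user namespaces, LSM hooks. */
bool new_rule_allows(const struct creds *c, const struct creds *t)
{
    if (c->cap_sys_ptrace)
        return true;
    /* REALCREDS: compare the caller's *real* IDs with all of the target's. */
    bool ids_match = c->ruid == t->ruid && c->ruid == t->euid &&
                     c->ruid == t->suid && c->rgid == t->rgid &&
                     c->rgid == t->egid && c->rgid == t->sgid;
    return ids_match && t->dumpable;
}

/* Constructed sample processes. */
const struct creds user      = {1000, 1000, 1000, 1000, 1000, 1000, false, false, true};
const struct creds same_user = {1000, 1000, 1000, 1000, 1000, 1000, false, false, true};
/* Set-user-ID-root program started by UID 1000: real UID is still 1000. */
const struct creds setuid_prog = {1000, 0, 0, 1000, 1000, 1000, false, false, false};
const struct creds other_user  = {1001, 1001, 1001, 1001, 1001, 1001, false, false, true};

int main(void)
{
    const struct creds *targets[] = {&same_user, &setuid_prog, &other_user};
    const char *names[] = {"same user", "set-UID-root, run by caller", "other user"};
    for (int i = 0; i < 3; i++)
        printf("%-28s <=4.12: %d  >=4.13: %d\n", names[i],
               old_rule_allows(&user, targets[i]), new_rule_allows(&user, targets[i]));
    return 0;
}
```

The set-user-ID row is where the two rules diverge: the old check passes on a real-UID match alone, while the ptrace-mode check also requires the target's effective and saved-set IDs to match and the target to be dumpable.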