[CRIU] [PATCH] cr-super: Initial commit
Florian Weimer
fweimer at redhat.com
Wed Sep 16 07:19:00 PDT 2015
On 09/16/2015 04:13 PM, Pavel Emelyanov wrote:
> It would be great if Florian could check whether we're on the right
> track from the security POV.
I don't understand why the kernel restricts access to
/proc/PID/map_files to root. It may have its reasons for that. If it
does not, then the kernel should be fixed and simply provide access (if
the process is dumpable, a check which is much safer to implement inside
the kernel).
--
Florian Weimer / Red Hat Product Security
More information about the CRIU
mailing list