netfilter: xt_qtaguid: report only uid tags to non-privileged processes
In the past, a process could only see its own stats (uid-based summary, and details). Now we allow any process to see other UIDs uid-based stats, but still hide the detailed stats. Change-Id: I7666961ed244ac1d9359c339b048799e5db9facc Signed-off-by: JP Abgrall <jpa@google.com>
This commit is contained in:
parent
d351ae74c3
commit
c33bcd3772
|
@ -2588,8 +2588,9 @@ static int pp_stats_line(struct proc_print_info *ppi, int cnt_set)
|
|||
} else {
|
||||
tag_t tag = ppi->ts_entry->tn.tag;
|
||||
uid_t stat_uid = get_uid_from_tag(tag);
|
||||
|
||||
if (!can_read_other_uid_stats(stat_uid)) {
|
||||
/* Detailed tags are not available to everybody */
|
||||
if (get_atag_from_tag(tag)
|
||||
&& !can_read_other_uid_stats(stat_uid)) {
|
||||
CT_DEBUG("qtaguid: stats line: "
|
||||
"%s 0x%llx %u: insufficient priv "
|
||||
"from pid=%u tgid=%u uid=%u\n",
|
||||
|
|
Loading…
Reference in New Issue