[Kernel-packages] [Bug 1905786] [NEW] perf_event_open is not restricted to admin by default

Thu, 26 Nov 2020 12:41:00 -0800 

Public bug reported:

[Impact]
perf_event_open is not restricted by default, which means unprivileged users 
may have access to information they should not have.

[Test case]
Run as an unprivileged user:
perf stat true
and check that it fails.

[Potential regression]
Users who expect to be able to use perf will not be able to do it. The fix 
might also cause the build to fail, in case it doesn't match enforced config 
options.

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Invalid

** Affects: linux-raspi2 (Ubuntu)
     Importance: Undecided
         Status: Invalid

** Affects: linux (Ubuntu Bionic)
     Importance: Undecided
         Status: Invalid

** Affects: linux-raspi2 (Ubuntu Bionic)
     Importance: Medium
     Assignee: Thadeu Lima de Souza Cascardo (cascardo)
         Status: In Progress

** Also affects: linux-raspi2 (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: linux (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Also affects: linux-raspi2 (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu)
       Status: New => Invalid

** Changed in: linux (Ubuntu Bionic)
       Status: New => Invalid

** Changed in: linux-raspi2 (Ubuntu)
       Status: New => Invalid

** Changed in: linux-raspi2 (Ubuntu Bionic)
       Status: New => In Progress

** Changed in: linux-raspi2 (Ubuntu Bionic)
     Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)

** Changed in: linux-raspi2 (Ubuntu Bionic)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1905786

Title:
  perf_event_open is not restricted to admin by default

Status in linux package in Ubuntu:
  Invalid
Status in linux-raspi2 package in Ubuntu:
  Invalid
Status in linux source package in Bionic:
  Invalid
Status in linux-raspi2 source package in Bionic:
  In Progress

Bug description:
  [Impact]
  perf_event_open is not restricted by default, which means unprivileged users 
may have access to information they should not have.

  [Test case]
  Run as an unprivileged user:
  perf stat true
  and check that it fails.

  [Potential regression]
  Users who expect to be able to use perf will not be able to do it. The fix 
might also cause the build to fail, in case it doesn't match enforced config 
options.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905786/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to