[$] CAP_PERFMON — and new capabilities in general

The perf_event_open() system call is a complicated beast, requiring a fair amount of study to
master. This call also has some interesting security implications: it can
be used to obtain a lot of information about the running system, and the
complexity of the underlying implementation has made it more than usually
prone to unpleasant bugs. In current kernels, the security controls around
perf_event_open() are simple, though: if you have the
CAP_SYS_ADMIN capability,
perf_event_open() is available
to you (though the system administrator can make it available without any
privilege at all). Some
current work to create a new capability for the perf events subsystem would
seem to make sense, raising the question of why adding new capabilities
isn't done more often.
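
The access rule described above can be audited per process. The following is an added example, not code from the article or the kernel: it reads the effective capability mask from /proc/self/status and the kernel.perf_event_paranoid sysctl (the administrator's knob, which the text does not name), then classifies access. The function names, the enum and the sample status text are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_SYS_ADMIN_BIT 21 /* CAP_SYS_ADMIN, from <linux/capability.h> */
enum perf_access { PERF_LIMITED, PERF_OPEN_TO_ALL, PERF_PRIVILEGED };

/* Constructed sample of /proc/<pid>/status lines for an unprivileged process. */
static const char SAMPLE_STATUS[] =
    "Name:\tCapEff:x\nCapPrm:\t0000000000000000\nCapEff:\t0000000000000000\n";

/* Extract the effective capability mask; returns 1 on success, 0 otherwise. */
static int parse_cap_eff(const char *status, unsigned long long *eff)
{
    for (const char *p = status; (p = strstr(p, "CapEff:")) != NULL; p += 7) {
        char *end;
        if (p != status && p[-1] != '\n')
            continue; /* matched inside another field, e.g. the process name */
        *eff = strtoull(p + 7, &end, 16);
        return end != p + 7;
    }
    return 0;
}

/* Classify access from the capability mask and the paranoid sysctl value. */
static enum perf_access classify_perf_access(unsigned long long cap_eff, int paranoid)
{
    if (cap_eff & (1ULL << CAP_SYS_ADMIN_BIT))
        return PERF_PRIVILEGED; /* the capability bypasses the sysctl */
    return paranoid < 0 ? PERF_OPEN_TO_ALL : PERF_LIMITED;
}

int main(void)
{
    static const char *names[] = { "limited", "open to all users", "privileged" };
    char buf[4096] = "";
    unsigned long long eff = 0;
    int paranoid = 2; /* assumption: kernel default when the sysctl is unreadable */
    FILE *f = fopen("/proc/self/status", "r");
    if (f) { buf[fread(buf, 1, sizeof buf - 1, f)] = '\0'; fclose(f); }
    if ((f = fopen("/proc/sys/kernel/perf_event_paranoid", "r")) != NULL) {
        if (fscanf(f, "%d", &paranoid) != 1) paranoid = 2;
        fclose(f);
    }
    if (!parse_cap_eff(buf, &eff))
        parse_cap_eff(SAMPLE_STATUS, &eff); /* no /proc: fall back to the sample */
    printf("CapEff=%#llx paranoid=%d -> %s\n", eff, paranoid, names[classify_perf_access(eff, paranoid)]);
    return 0;
}
```

A process reported as "limited" can still be subject to distribution-specific paranoid levels, so treat the classification as a first-pass audit of who holds CAP_SYS_ADMIN solely to use perf.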