Why profiler needs root permission?

I would like to run the nv-nsight-cu-cli on an HPC cluster, however the admin hasn’t granted the profiling permission (regarding ERR_NVGPUCTRPERM) and claims that with profiler it is possible to access other processes. That means theoretically, one can spy other user’s process and data with the profiler. Is that a true statement?

I thought that the root permission, or granting access to a user is because of low-level accesses that are done in the kernel mode. I haven’t heard about possible security holes but I agree that in theory everything bad is possible!

Please refer to NVIDIA Development Tools Solutions - ERR_NVGPUCTRPERM: Permission issue with Performance Counters | NVIDIA Developer and the related, linked security notice for information on the profiler permissions control and the security implications.

Note also that since this requires local user access, this does not apply to systems where concurrent assignment of resources to multiple users is prevented by the system’s resource allocator.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.