I think a good way to handle it would be to have a configuration file
like /etc/sudoers and setuid root stap (or staprun). The access control
would then be built into systemtap.
Here are my ideas of what would make a "good" set of controls:
- level of tap script they can run, e.g. guru mode code or not
- sections of the kernel they can access (maybe this is
better represented as what tapsets may they use)
- how much overhead are they allowed to put on the system
- are they allowed to look at data for other users' processes
- are they allowed to reference line #'s or direct memory addrs
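
Added example, not part of the original message and not systemtap code: a sketch of how a setuid wrapper could evaluate the five controls listed above against a sudoers-style file, denying by default. The file format, the key names (`guru`, `tapsets`, `overhead`, `others`, `raw`) and the request dictionary are hypothetical, and the overhead figure is assumed to be an estimated percentage supplied by the caller.

```python
# Hypothetical policy format (not a real systemtap file), one rule per line:
#   <user> guru=<yes|no> tapsets=<a,b|*> overhead=<max %> others=<yes|no> raw=<yes|no>
# "raw" covers probes that name line numbers or direct memory addresses.
SAMPLE_POLICY = """\
# constructed sample
alice guru=no  tapsets=syscall,process overhead=5  others=no  raw=no
bob   guru=yes tapsets=*               overhead=20 others=yes raw=yes
"""
KEYS = {"guru", "tapsets", "overhead", "others", "raw"}


def parse_policy(text):
    """Return {user: rule}. Malformed lines raise, so a bad file fails closed."""
    policy = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        user, *fields = line.split()
        raw = dict(f.split("=", 1) for f in fields)  # ValueError if "=" is missing
        if set(raw) != KEYS:
            raise ValueError(f"line {lineno}: expected exactly {sorted(KEYS)}")
        # Any value other than the literal "yes" is treated as "no".
        policy[user] = {k: raw[k] == "yes" for k in ("guru", "others", "raw")}
        policy[user]["tapsets"] = set(raw["tapsets"].split(","))
        policy[user]["overhead"] = int(raw["overhead"])
    return policy


def denials(policy, user, req):
    """List every reason the request is refused; an empty list means allowed."""
    rule = policy.get(user)
    if rule is None:
        return ["user not listed"]  # default deny
    why = []
    if req["guru"] and not rule["guru"]:
        why.append("guru mode")
    if "*" not in rule["tapsets"]:
        extra = req["tapsets"] - rule["tapsets"]
        why += [f"tapset {t}" for t in sorted(extra)]
    if req["overhead"] > rule["overhead"]:
        why.append("overhead limit")
    if req["others"] and not rule["others"]:
        why.append("other users' processes")
    if req["raw"] and not rule["raw"]:
        why.append("line number or address probe")
    return why
```
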