[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [patch] thread-aware coredumps, 2.5.43-C3



On Mon, 2002-10-21 at 15:54, Daniel Jacobowitz wrote:
> On Mon, Oct 21, 2002 at 03:29:33PM +0100, Alan Cox wrote:
> > On Thu, 2002-10-17 at 17:40, Daniel Jacobowitz wrote:
> > > My only problem with this is that you're waiting for all threads by
> > > SIGKILLing them.  If a process vforks or clones, and then the child
> > > crashes, the parent will receive a SIGKILL - iff we are dumping core. 
> > > That's a change in behavior that seems a bit too arbitrary to me.
> > 
> > It also has a security impact when you construct a fork/fork/crash
> > sequence that sends sigkill to the module loader or a kernel thread
> > during start up that has not yet dropped its association with the user
> > code.
> 
> Why?  It's not like userspace couldn't send that SIGKILL on its own,
> right?  If it's still killable it had better be safe to do so.

The kernel side isnt, the signal handling isnt always "normal". Its the
extreme case of the problem not the general one. Fixing the vfork/clone
crash is doable, and one approach would be to solve the problem by
saying "if you claim to be a thread group with the new style flags you
get to be killed as a group and dumped as a group", with old stuff
behaving like it always did before.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]