Re: /proc/sys/kernel/pid_max issues

From: Pavel Machek
Date: Sat Sep 18 2004 - 13:35:42 EST

Next message: Jon Smirl: "Design for setting video modes, ownership of sysfs attributes"
Previous message: Andries.Brouwer: "hackbench?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> > > > I'd much prefer LRU allocation. There are
> > > > lots of system calls that take PID values.
> > > > All such calls are hazardous. They're pretty
> > > > much broken by design.
> > >
> > > this is a pretty sweeping assertion. Would you
> > > care to mention a few examples of such hazards?
> >
> > kill(12345,9)
> > setpriority(PRIO_PROCESS,12345,-20)
> > sched_setscheduler(12345, SCHED_FIFO, &sp)
> >
> > Prior to the call being handled, the process may
> > die and be replaced. Some random innocent process,
> > or a not-so-innocent one, will get acted upon by
> > mistake. This is broken and dangerous.
>
> easy to fix: SIGSTOP the task, check it's really
> the one you want and then do the setpriority /
> setscheduler call and SIGCONT it. Any privileged
> code that is about to spread some of its privileges
> via asynchronous system-calls need to be careful.

What if OOM killer decides it wants that memory in between? Attacker
could probably help it...
Pavel
--
People were complaining that M$ turns users into beta-testers...
...jr ghea gurz vagb qrirybcref, naq gurl frrz gb yvxr vg gung jnl!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jon Smirl: "Design for setting video modes, ownership of sysfs attributes"
Previous message: Andries.Brouwer: "hackbench?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]