Re: [PATCH] [3/3] Support piping into commands in /proc/sys/kernel/core_pattern

From: Andrew Morton
Date: Fri Aug 18 2006 - 01:28:40 EST


On Thu, 17 Aug 2006 12:27:44 +0100
Alan Cox <alan@xxxxxxxxxxxxxxxxxxx> wrote:

> On Thu, 2006-08-17 at 11:46 +0200, Andi Kleen wrote:
> > Several people from the embedded area wrote me privately
> > it would be useful for them. Also I think once it's in the main kernel
> > there will be more incentive for user space to use it and I'm optimistic
> > it will get some adoption (ok I guess I should write some better
> > documentation, but there was no obvious place for it)
>
> I don't believe that piping as such is necessarily the right model, but
> the ability to intercept and process core dumps from user space is
> asked for by many enterprise users as well. They want to know about,
> capture, analyse and process core dumps, often centrally and in
> automated form.
>

OK, fair enough.

Now let's think about security. Patches against ptrace, coredump and
procfs give me the creeps because we've had (relatively) so many problems
in those areas in the past.

So I'd suggest that we should look at this code and think about it in a
really twisted fashion - does it open any exploits? I can't think of any,
which is worth practically zero, but I don't see how this differs from
/proc/sys/kernel/modprobe.

But still. Is this code secure?