Re: [RFC] [Patch 0/21] Non disruptive application core dump infrastructure

[Tejun Heo]

Hello,

On 12/14/2010 04:49 PM, Linus Torvalds wrote:
> On Tue, Dec 14, 2010 at 1:52 AM, Suzuki K. Poulose <suzuki@xxxxxxxxxx> wrote:
>>
>> This is series of patches implementing an infrastructure for capturing the core
>> of an application without disrupting its process semantics.
>>
>> The infrastructure makes use of the freezer subsystem in kernel to freeze the
>> threads and then collect the information to generate  the core.
> 
> This seems to be a fundamentally flawed approach.
> 
>>From a security standpoint, it looks like a total disaster. A frozen
> process is really hard to get rid of, so it looks like an obvious DoS
> attack to just create lots of processes, then sneakily freeze them
> all, and then laugh at the poor system admin who has no idea what's
> going on. While frozen, the things are basically unkillable but look
> entirely normal, no?

I think a better way would be adding a ptrace attach which is nestable
and doesn't have the nasty side effect caused by the interactions
between the implicit SIGSTOP and group stop.  As a preparation step, I
posted a patchset to cleanup the interactions between ptrace and group
stop which is being reviewed.  Once we have a nestable ptrace attach,
we should be able to simply adapt gcore(1) to use it and write out
core dump from userland.

Thanks.

-- 
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/