| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Sep 2009 20:59:56 -0400 From: Neil Horman <nhorman@...driver.com> To: Andrew Morton <akpm@...ux-foundation.org> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH] proc: augment /proc/pid/limits to allow setting of process limits (v2). On Tue, Sep 29, 2009 at 01:46:03PM -0700, Andrew Morton wrote: > On Tue, 29 Sep 2009 16:25:04 -0400 > Neil Horman <nhorman@...driver.com> wrote: > > > 3) modify the proc/pid/limits write routine so that it uses do_setrlimit, > > thereby giving us the previously missing security checks. > > I dunno, the interface just seems goofy to me. > Well, I hear what your saying, although conversely, but it seems a bit goofy to me to allocate another syscall number just to do what sys_setrlimit does, but with the addition of a pid specification. I know theres precedent to do it, but it seems no less goofy to me to do it that way than via a proc write. > Yes, it's always been strange that rlimits cannot be externally > altered. And desirable to extend that. But doing what is really a > syscall via a profs poke when there already exists a syscall which does > the same thing seems Just Wrong. > Again, I understand what your saying, but to draw a parallel, the reason /proc/pid/limits exists in the first place is because there was a desire to know what the rlimit values were for a process from external contexts. We could have done this by creating a new syscall, and modifying the ulimit utility to accept the data needed to support that new syscall. But we didn't do that, we made a proc file. This just seems like the natural extension to that file, in my view. With it, we don't need to create a new utility, or extend ulimit to make it all work. > What reason is there to do it via procfs? Where's the benefit? > Ease of use really. With this interface, we can use cat/echo/etc to do administrative control of process limits. No need to extend ulimit, or create a new utility. > Maybe it's a plot to stop people from setting CONFIG_PROC_FS=n. > hmm, so I'm looking at the patch. 90% of the work is done for a new syscall. If you're adamant that you'd rather see it that way, how would you feel about a both option? I can write a follow on patch that creates a do_getrlimit, and creates 2 new syscalls (to get/set rlimits for a specified pid). Then we take this patch as is, as well as the new patch, and we can access limits either way, programatically via the syscalls, or from a high sysadmin interface via the proc file. Thoughts? Neil -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists