lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <1246019931.10001.7.camel@quest>
Date:	Fri, 26 Jun 2009 13:38:51 +0100
From:	Scott James Remnant <scott@...ntu.com>
To:	Matt Helsley <matthltc@...ibm.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, Sukadev <sukadev@...ibm.com>,
	Containers <containers@...ts.linux-foundation.org>,
	Michael Kerrisk <mtk.manpages@...il.com>,
	linux-man@...r.kernel.org
Subject: Re: [PATCH] proc connector: add event for process becoming session
 leader

On Tue, 2009-06-23 at 14:01 -0700, Matt Helsley wrote:

> On Mon, Jun 22, 2009 at 04:19:09PM -0700, Andrew Morton wrote:
> > > +	get_seq(&msg->seq, &ev->cpu);
> > > +	ktime_get_ts(&ts); /* get high res monotonic timestamp */
> > > +	put_unaligned(timespec_to_ns(&ts), (__u64 *)&ev->timestamp_ns);
> > > +	ev->what = PROC_EVENT_SID;
> > > +	ev->event_data.sid.process_pid = task->pid;
> > 
> > This is a bit of a worry.  In a containerised environment, pids are not
> > unique.  Now what do we do?
> 
> An excellent point. It's broadcast via a netlink multicast address. That
> means we'd have pids and listeners from arbitrary combinations of pid
> namespaces.
> 
Yeah, right now that's a general problem with the netlink approach
compared to the signal approach I was using before.  Of course, it's
also non-obvious how init in the initial pid namespace should deal with
processes dying in a different pid namespace.

> One obvious but poor solution is to only send the pid of the initial
> pid namespace. Then it's not ambiguous what an event refers to. However
> it also means that the events would only be useful to tasks running
> in the initial pid namespace -- not a good solution given Scott's example
> and our desire to run things like sshd in separate pid namespaces.
> 
> Alternatively, we may be able to split up the connector such that the
> listeners only see events from their own pid namespace. I'm not
> sure that netlink and connectors can enable this change though.
> 
Or the netlink socket could include both the pid, and a descriptor of
the pid namespace that it is in (isn't it just a pid itself?)  That way
listeners could check the namespace is the same before carrying on.

Though that obviously leaks information you may not actually want
leaked?

Scott
-- 
Scott James Remnant
scott@...ntu.com

Download attachment "signature.asc" of type "application/pgp-signature" (198 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ