lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Sep 2010 09:52:03 -0500 From: Will Drewry <wad@...omium.org> To: Andi Kleen <andi@...stfloor.org> Cc: linux-kernel@...r.kernel.org, Alexander Viro <viro@...iv.linux.org.uk>, Andrew Morton <akpm@...ux-foundation.org>, Oleg Nesterov <oleg@...hat.com>, KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>, Roland McGrath <roland@...hat.com>, Neil Horman <nhorman@...driver.com>, "Eric W. Biederman" <ebiederm@...ssion.com>, containers@...ts.linux-foundation.org, linux-fsdevel@...r.kernel.org, Eugene Teo <eugene@...hat.com> Subject: Re: [PATCH][RFC] fs/exec.c: provide the correct process pid to the pipe helper On Fri, Sep 17, 2010 at 8:26 AM, Andi Kleen <andi@...stfloor.org> wrote: > On Thu, 16 Sep 2010 13:59:59 -0500 > Will Drewry <wad@...omium.org> wrote: > >> format_corename uses task_tgid_vnr to provide the numeric pid of a >> core-dumping process. For file-based coredumps, this is perfectly >> satisfactory. However, when the core_pattern contains a pipe, the >> substituted PID is invalid in the namespace of the core_pattern pipe >> helper, the init namespace. > > Nasty problem. I wonder how many more similar problems name spaces > have introduced. > > But wouldn't it be better to place the helper into the name space(s) > of the executed process? I guess it would risk breaking some existing > set ups, but it seem like the cleanest solution to me. If you want > to move the core dump out of the name space you could still > use a named pipe or something like that with someone outside listening. > > That would also fix the net namespace problem you mentioned I agree. This was what I did first, but I wasn't confident I'd done it right. I'll go ahead and post the two patches I used to accomplish it. I'm happy to spend some time polishing them until they are functionally correct, if everyone is happy enough with the approach. more to come, will -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists