| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110817165350.4bd3a2a9@lxorguk.ukuu.org.uk> Date: Wed, 17 Aug 2011 16:53:50 +0100 From: Alan Cox <alan@...rguk.ukuu.org.uk> To: Kay Sievers <kay.sievers@...y.org> Cc: Oleg Nesterov <oleg@...hat.com>, akpm@...ux-foundation.org, linux-kernel@...r.kernel.org, lennart@...ttering.net, linux-man@...r.kernel.org, roland@...k.frob.com, torvalds@...ux-foundation.org Subject: Re: + prctl-add-pr_setget_child_reaper-to-allow-simple-process-supervision .patch added to -mm tree O> This is not meant as a security feature, if that's what your asking. > It will not prevent services from doing nasty things and escape the > process that started them. But it's still a feature that today only > PID 1 and which we need for more processes. I'm more worried about it beign a security flaw... > > IOW, imho this doesn't look very useful "in general" to me. > > It is very useful if you have an init-like daemon. Which is a special case > > > May be we need something else instead... And iiuc you don't really > > need to change the reparenting, you only want the notification if > > the process exits. > > No, we want to be the parent of the process, and we want to be the one > who reaps all the child process, not only receive some out-of-band > notifications. The sub-init is the babysitter of all the things it has > started, and that should be reflected in the parent child relation. Why ? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists