lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20111116234434.GA12882@umich.edu>
Date:	Wed, 16 Nov 2011 18:44:34 -0500
From:	Jim Rees <rees@...ch.edu>
To:	Jeff Layton <jlayton@...hat.com>
Cc:	John Hughes <john@...vaedi.com>,
	Trond Myklebust <trond.myklebust@...app.com>,
	linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Don't hang user processes if Kerberos ticket for nfs4
 mount expires

Jeff Layton wrote:

  Uhhh, no...EKEYEXPIRED was never passed to userland. The patchset that
  added EKEYEXPIRED returns in this codepath also added the code to make
  it hang. 
  
  This not a bug, or at least it's intentional behavior. When a krb5
  ticket expires, we *want* the process to hang. Otherwise, people with
  long running jobs will often find that their jobs error out
  inexplicably when their ticket expires.

Who decided that?  This seems completely wrong to me.  If my credentials
expire, I want to get permission denied, not a client hang.  In 20 years of
using authenticated file systems I never once wished my process had hung
when my ticket expired.

Why should this be any different from any other failure condition?  If you
try to open a file that doesn't exist, do you want your process to hang
instead of getting ENOENT, just in case the file magically appears at some
point in the future?

This seems a recipe for disaster.  Suppose I have a cron job that fires once
a minute, and all those jobs hang waiting for a ticket.  I come to work in
the morning and discover I've got 10,000 hung processes.  Or not, because my
computer has crashed from resource exhaustion.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ