lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 16 Jul 2018 12:36:37 -0700
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     "Eric W. Biederman" <ebiederm@...ssion.com>
Cc:     Oleg Nesterov <oleg@...hat.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Wen Yang <wen.yang99@....com.cn>, majiang <ma.jiang@....com.cn>
Subject: Re: [RFC][PATCH 09/11] tty_io: Use do_send_sig_info in __do_SACK to
 forcibly kill tasks

On Mon, Jul 16, 2018 at 12:17 PM Eric W. Biederman
<ebiederm@...ssion.com> wrote:
>
> I should have said it doesn't matter because init does not open ttys and
> become a member of session groups.  Or at least it never has in my
> experience.  The only way I know to get that behavior is to boot with
> init=/bin/bash.

That's hopefully true, yes.

Presumably init does open the console, but hopefull doesn't do setsid.

(We *do* do "setsid()" for the linuxrc running, but that's not done by
the init thread itself).

> With the force_sig already in do_SAK today my change is not a
> regression.  As force_sig in a completely different way forces the
> signal to init.

Ok. A couple of notes in the commit description on this might be good.

> So I think we want the patch below to clean that up.  Then we don't have
> to worry about the wrong things sending signals to init by accident, and
> SEND_SIG_FORCED becomes just SEND_SIG_PRIV that skips the unnecesary
> allocation of a siginfo struct.
>
> Thoughts?

I think the end result is fine, but then I look at that patch of yours
and it does many other things and that makes me nervous.

Can you separate out the different things it does into separate
patches to make it easier to read?

           Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ