lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 18 Dec 2023 13:37:44 +0100
From: Tomáš Mudruňka <tomas.mudrunka@...il.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Jonathan Corbet <corbet@....net>, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org, 
	linux-serial@...r.kernel.org
Subject: Re: [PATCH] /proc/sysrq-trigger can now pause processing for one second

> What will kill it?  I feel like you are adding features to the kernel
> that can be done in userspace, which is generally not a good idea.

The mere act of writing "e" to /proc/sysrq-trigger kills everything
except for init, which is rather unfortunate when doing that through
remote access, like ssh (or other). I can surely block SIGTERM in
userspace by fixing all remote access software that exists to not exit
after SIGTERM, but if i want to do SIGKILL and then execute few more
sysrq actions (sync, unmount, reboot, ...) it surely is a problem
unless i am doing this from init process. which sometimes is just not
possible on remote system that have undergone some crash. and as linux
admin with 13 years of experience i can safely say that situations
with unresponsive init do happen every now and then. that is when i
usually have to resort to rebooting the system remotely via
sysrq-trigger. this process failing can be difference between me being
able to fix issue remotely with minimum downtime and me having to
physicaly visit datacenter during holidays.

BTW if still unclear, here is simple example of how running that
suggested code will not work:

$ ssh root@...10.10.10
root@...10.10.10's password:
Last login: Wed Oct  4 12:34:03 2023
root@...ian-arm64:~#
root@...ian-arm64:~# echo e > /proc/sysrq-trigger
Connection to 10.10.10.10 closed by remote host.
Connection to 10.10.10.10 closed.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ