| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240804185338.GB27866@redhat.com> Date: Sun, 4 Aug 2024 20:53:38 +0200 From: Oleg Nesterov <oleg@...hat.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Brian Mak <makb@...iper.net>, "Eric W. Biederman" <ebiederm@...ssion.com>, Kees Cook <kees@...nel.org>, Alexander Viro <viro@...iv.linux.org.uk>, Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>, "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [RFC PATCH] piped/ptraced coredump (was: Dump smaller VMAs first in ELF cores) OK, I won't insist, just a couple of notes. On 08/04, Linus Torvalds wrote: > > On Sun, 4 Aug 2024 at 08:23, Oleg Nesterov <oleg@...hat.com> wrote: > > > > What do you think? > > Eww. I really don't like giving the dumper ptrace rights. Why? Apart from SIGKILL, the dumper already has the full control. And note that the dumper can already use ptrace. It can do, say, ptrace(PTRACE_SEIZE, PTRACE_O_TRACEEXIT), close stdin, and wait for PTRACE_EVENT_EXIT. IIRC some people already do this, %T just makes the usage of ptrace more convenient/powerful in this case. > So I prefer the original patch because it's also small, but it's > conceptually much smaller. Ah, sorry. I didn't mean that %T makes the Brian's patch unnecessary, I just wanted to discuss this feature "on a related note". Oleg.
Powered by blists - more mailing lists