lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wgfX4dvvKo8PrPZj76Z2ULMMK2RvaF+O7QhLnwOSBYdhQ@mail.gmail.com>
Date: Thu, 21 Nov 2024 11:23:46 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Kees Cook <kees@...nel.org>
Cc: Zbigniew Jędrzejewski-Szmek <zbyszek@...waw.pl>, 
	"Eric W. Biederman" <ebiederm@...ssion.com>, linux-kernel@...r.kernel.org, 
	Alexander Viro <viro@...iv.linux.org.uk>, 
	Christophe JAILLET <christophe.jaillet@...adoo.fr>, Dan Carpenter <dan.carpenter@...aro.org>, 
	Nir Lichtman <nir@...htman.org>, syzbot+03e1af5c332f7e0eb84b@...kaller.appspotmail.com, 
	Tycho Andersen <tandersen@...flix.com>, Vegard Nossum <vegard.nossum@...cle.com>
Subject: Re: [GIT PULL] execve updates for v6.13-rc1

On Thu, 21 Nov 2024 at 10:50, Kees Cook <kees@...nel.org> wrote:
>
> The only flip side I can see is that "ps" etc, should just never use comm
> at all, and instead use argv[0] from cmdline

Gods people, what are you all on about?

THIS IS WHAT PS ALREADY DOES.

Stop this completely inane discussion. It's literally like you don't
even know what you are talking about.

For user space, comm[] is basically the fallback for when cmdline
fails for some reason (for example, /proc/*/cmdline will be empty for
kworkers, but there are other situations too)

The reason? comm[] has *always* been much too limited for 'ps' output. ALWAYS.

Yes, you can literally *force* ps to not do that (eg "ps -eo comm")
but if you do that, you get the very limited comm[] output that nobody
has ever wanted ps to give exactly because it's so limited.

People who want 'argv[0]' will typically want argv[1] etc too, because
argv[0] simply IS NOT SPECIAL.

And yes, 'top' will give comm[] output because it's so much faster.

I'm done with this discussion that apparently was brought on by people
not knowing what the hell they were doing.

                Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ