| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20070327.233549.30185448.davem@davemloft.net>
Date: Tue, 27 Mar 2007 23:35:49 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: dada1@...mosbay.com
Cc: mhuth@...sta.com, dagriego@...il.com, davem@...emloft.ne,
netdev@...r.kernel.org
Subject: Re: [PATCH] NET: Add TCP connection abort IOCTL
From: Eric Dumazet <dada1@...mosbay.com>
Date: Wed, 28 Mar 2007 08:02:21 +0200
> This is what I thought too at the begining.
>
> But after some thinking I recalled having to reboot machines just because
> netfilter was not in (because of noticeable performance hit), and I could find
> the tree to compile netfilter as modules..
>
> When I saw revoke() work in progess, I did react like you : This is coming
> from hell...
Another option, similar in vain to what Herbert suggested (the gdb
hack) is to provide a way for root to open file descriptors of other
processes and handle it like that.
Then you could just set the linger socket option properly and close it
up.
Unfortunately we prevent openning of /proc/${PID}/fd/${FD} objects
when they are sockets for well documented reasons.
Using an ioctl with a socket demux key is just beyond disgusting, it's
as simple as that. We have abstractions already for these objects so
let's use them.
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists