Re: [Patch][RFC] fcntl: add ability to stop monitored processes

From: Neil Horman
Date: Mon Jun 13 2005 - 10:21:11 EST


On Mon, Jun 13, 2005 at 03:03:32PM +0100, Alan Cox wrote:
> On Llu, 2005-06-13 at 14:48, Neil Horman wrote:
> > The idea I had was to catch processes which are performing ostensibly
> > undesirable filesystem operations (as defined by the actions that F_NOTIFY can
> > monitor). I'm not sure how else to avoid the race condition that can arise
> > between the delivery of the F_NOTIFY signal to the monitoring process, and the
> > exiting of the monitored process. If you have another thought, I'm certainly
> > open to it.
>
> I'm more worried you will make things worse not better. My first thought
> was what stops me just filling up the file table with admin work
> possibly also involving setuid processes so the end user cannot rescue
> the situation.
>
I understand the concern here, but can't root always do destructive things to the
system?

> If it's trying to do debugging then ptrace makes sense and the parent
> would be notified. Ptrace deals with exit of tracer and security for
> you. If you are trying to implement a security policy then the selinux
> hooks already allow you to block access to those files by selected
> processes anyway just as your F_NOTIFY hook would do, and you could even
> write a new security layer with a daemon that decided for the F_NOTIFY
> equivalents.
>
I'll certainly try this again using the ptrace interface, rather than fcntl. Do
you think the whole F_NOTIFY function should move over, or just this particular
feature?

Neil
> Alan
>

--
/***************************************************
*Neil Horman
*Software Engineer
*Red Hat, Inc.
*nhorman@xxxxxxxxxx
*gpg keyid: 1024D / 0x92A74FA1
*http://pgp.mit.edu
***************************************************/