RE: [RFC PATCH] New SA_NOPRNOTIF sigaction flag

[Davda, Bhavesh P (Bhavesh)]

> Also, this is far from the only problem you're going to have 
> if you run
> your debugger with lower priority than your debuggee.

About the priority inversion and running the debugger at higher priority
then the debuggee, that's a moot point. You're still doing too many
pointless context switches to the debugger only to do nothing and switch
back to the debuggee.


> > 
> > IMHO this is a perfectly safe capability...
> 
> No.  Ptrace is considered a security barrier; the tracee should not be
> able to control what the tracer sees.
> 

Since when did ptrace become a security barrier? If security is the only
concern, then we can always add a capability check to only allow root to
set SA_NOPRNOTIF on sigaction() for a particular signal.

Besides, putting this responsibility (ignore SIGCHLDs for signal X from
Task Y) in the debugger requires the debugger to have information about
the debuggee, like Task Y is special for handling signal X, and I'm
going to ptrace() ignore SIGCHLD's from Task Y.

See where I'm going with this?

That's why I specifically put the responsibility on the debuggee to say:
I know what I'm doing and I don't want the debugger to be notified about
this specific signal.


- Bhavesh


Bhavesh P. Davda | Distinguished Member of Technical Staff | Avaya |
1300 West 120th Avenue | B3-B03 | Westminster, CO 80234 | U.S.A. |
Voice/Fax: 303.538.4438 | bhavesh@xxxxxxxxx

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/