> The point here is not that it's possible to do unsafe things but that it's
> impossible to do safe things. A person or program that wants to kill a
> particular process has, in principle, no way to do it without fear of
> killing innocent processes.
>
Seems to me the risk of someone accidentally guessing the root password
is greater than this.
Someone spawning enough processes to wrap the PIDs probably show up in
more
ways than simply having a process you want to kill. The paranoid
administrator
can run ps twice and notice the fluctuating PID, (or possibly a user
with
32000 processes)
Noticing a "clever" hacker, there are other ways than kill. Remove him
from
/etc/passwd, move the home directory, zero his disk quota. Temporarily
firewall
his IP address or change baud rate on his serial line. Any of this may
crash
his exploit. If not - use up all the remaining PID's, then kill the now
very predictable one. The brave administrator might trash his memory
through /dev/mem or something. Picking a fight with root is usually not
a good idea.
Helge Hafting
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jan 23 2000 - 21:00:17 EST