On Mon, Aug 28, 2000 at 07:34:00AM -0600, yodaiken@fsmlabs.com wrote:
> > There are large security considerations. A process must be KILL and
> > STOPable, no matter wether it uses threads or not. every other semantics
> > would be a security nightmare (or make threads a root-only interface).
>
> That's why pthreads as a special library or executable type seems best.
Just that that sounds very fragile ;) setuid-libraries... well...
> Otherwise, there seems room in the POSIX spec to wriggle out of the STOP
> requirement.
That might be the case, but my concern is not POSIX but security, an
orthogonal concept. Lax handling of STOP is a big security problem, even
with the process-only model (see the many programs that suffice to survive
KILL or SOTP for some time), and with threads it only gets easier.
-- -----==- | ----==-- _ | ---==---(_)__ __ ____ __ Marc Lehmann +-- --==---/ / _ \/ // /\ \/ / pcg@opengroup.org |e| -=====/_/_//_/\_,_/ /_/\_\ XX11-RIPE --+ The choice of a GNU generation | | - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 31 2000 - 21:00:21 EST