On Mon, Oct 21, 2002 at 03:29:33PM +0100, Alan Cox wrote:
> On Thu, 2002-10-17 at 17:40, Daniel Jacobowitz wrote:
> > My only problem with this is that you're waiting for all threads by
> > SIGKILLing them. If a process vforks or clones, and then the child
> > crashes, the parent will receive a SIGKILL - iff we are dumping core.
> > That's a change in behavior that seems a bit too arbitrary to me.
>
> It also has a security impact when you construct a fork/fork/crash
> sequence that sends sigkill to the module loader or a kernel thread
> during start up that has not yet dropped its association with the user
> code.
Why? It's not like userspace couldn't send that SIGKILL on its own,
right? If it's still killable it had better be safe to do so.
-- Daniel Jacobowitz MontaVista Software Debian GNU/Linux Developer - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Oct 23 2002 - 22:00:54 EST