Re: establishing the callers PID
From: Thomas Bushnell, BSG
Subject: Re: establishing the callers PID
Date: 11 May 2002 18:02:18 -0700
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de> writes:
> I think it is absolutely mandatory that we establish the PID in a
> trustworthy way rather than let the user provide some unique ID on its own.
> I think there is already a place in the Hurd where we should do that but
> don't (wasn't that term's term_open_ctty?), and there are all sorts of simple
> attacks possible if we can't trust the PID (e.g. a monitor server might check
> for stale advisory locks and kill processes that don't release them timely.
> In the untrusted model, a user could make this monitor process kill
> arbitrary processes on the system).

Nope; a malicious filesystem could just return bogus PID values too.

I don't think this is a serious security issue, actually. Such a
monitor depends on an awful lot--it's not a strict Posix program
already.

Thomas