Re: version of thread ids
From: Niels Möller
Subject: Re: version of thread ids
Date: 20 May 2003 23:32:57 +0200
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

address@hidden (Niels Möller) writes:
> It took me a while before I understood why you don't want to keep the
> same task id, just as you keep the pid. But this is almost clear now:
> It's because that's the only way to purge all old object handles, as
> the task could have a lot of random handles that no server involved in
> the exec is aware of.
After thinking a little more, I'm still not convinced that this is a
security issue. However, I think that
* it's nice to have the default behaviour for all non-fd object
handles be that they are closed automatically on exec.
* it's nice to notify *other* processes, which own handles to any
objects *we* serve, that the objects no longer exist.
* changing the task id and sending out death notifications for the old
one seems like a nice and clean way to implement this behaviour.
And at last, and perhaps most important: When thinking about it as a
robustness issue, rather than a security issue, this is just as
applicable for ordinary, non-secure, exec.
So I'd suggest that changing the task id, and sending out death
notifications for the old id, should be done as part of the ordinary
non-secure exec procedure.
/Niels