Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 11 Apr 2021 10:46:02 +0200
From: John Wood <>
To: Valdis Klētnieks <>,
	Andi Kleen <>
Cc: John Wood <>,,
	Kees Cook <>,
Subject: Re: Notify special task kill using wait* functions


On Fri, Apr 09, 2021 at 07:28:20PM -0400, Valdis Klētnieks wrote:
> On Fri, 09 Apr 2021 08:06:21 -0700, Andi Kleen said:
> > Thinking more about it what I wrote above wasn't quite right. The cache
> > would only need to be as big as the number of attackable services/suid
> > binaries. Presumably on many production systems that's rather small,
> > so a cache (which wouldn't actually be a cache, but a complete database)
> > might actually work.
> You also need to consider non-suid things called by suid things that don't
> sanitize input sufficiently before invocation...
> Thinking about at - is it really a good thing to try to do this in kernelspace?
> Or is 'echo 1 > /proc/sys/kernel/print-fatal-signals' and a program to watch
> the dmesg and take action more appropriate?  A userspace monitor would
> have more options (though a slightly higher risk of race conditions).

Thanks for the ideas. I need some time to send a formal proposal that
works properly. I would like to get feedback at that moment. I think it
would be better to discuss about the real patch.

Again, thanks.
John Wood

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.