non-root process and PID files

Terry Lambert tlambert2 at mindspring.com
Tue Oct 28 05:00:32 PST 2003


Leo Bicknell wrote:
> Dan Langille wrote:
> > Any suggestions?
> 
> Here's a slightly backwards concept.
> 
> We're all familiar with how you can open a file, remove it from the
> directory, and not have it "go away" until the application closes
> it.  Well, extend those semantics to the namespace.
> 
> That is, have a directory where any name that does not exist can be
> opened RW, any name that does exist can be opened RO.  A file is
> automatically removed when no one has an open descriptor to it anymore.


This is a somewhat neat idea.  However, it would open a pretty
big race window, and you could denial-of-service a server by
creating a PID file belonging to some server, and leaving it
there with a bogus PID in it, and anything that was watching
the file R/O to kill -0 it to check if the process needs to be
restarted would always think the process needs to be restarted.

8-).

Basically, all your processes would end up needing to be SUID
root, at least initially, which would mean breaking most mail
server software.  They'd need that so that you could deny any
create except by root to keep ordinary users from DOS'ing a
daemon.

-- Terry
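
Added example (not part of the original message, and not FreeBSD code): a watcher-side check for the bogus-PID-file problem described above. It refuses a PID file that is not a regular file owned by the daemon's expected uid before doing the `kill -0` test, so a file planted by another user is reported as untrusted rather than as a dead daemon. The names `check_pidfile`, `pid_state` and `expected_owner` are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum pid_state { PID_ALIVE, PID_DEAD, PID_UNTRUSTED, PID_MALFORMED };

/* expected_owner is an assumption: the uid the daemon is known to run as.
   A file that cannot be opened or verified is reported as untrusted. */
enum pid_state check_pidfile(const char *path, uid_t expected_owner)
{
    char buf[32], *end;
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);    /* refuse symlinks */
    if (fd < 0)
        return PID_UNTRUSTED;
    /* fstat the descriptor, not the path, so the ownership check and
       the read below refer to the same file. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != expected_owner || (st.st_mode & (S_IWGRP | S_IWOTH))) {
        close(fd);
        return PID_UNTRUSTED;
    }
    ssize_t n = read(fd, buf, sizeof(buf) - 1);
    close(fd);
    if (n <= 0)
        return PID_MALFORMED;
    buf[n] = '\0';
    errno = 0;
    long pid = strtol(buf, &end, 10);
    /* Reject 0 and negatives: kill() would treat them as process groups. */
    if (errno != 0 || end == buf || pid <= 0 || pid > 0x7fffffffL ||
        (*end != '\0' && *end != '\n'))
        return PID_MALFORMED;
    /* Signal 0 delivers nothing and only reports whether the PID exists.
       EPERM means it exists but belongs to another user. */
    if (kill((pid_t)pid, 0) == 0 || errno == EPERM)
        return PID_ALIVE;
    return PID_DEAD;
}

int main(int argc, char **argv)
{
    if (argc == 2)
        printf("%d\n", check_pidfile(argv[1], getuid()));
    return argc == 2 ? 0 : 2;
}
```

Only `PID_DEAD` should lead to a restart; `PID_UNTRUSTED` and `PID_MALFORMED` are conditions to log and investigate. PID reuse can still make a stale file look alive, which this check does not address.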

