[HACKERS] semaphore usage "port based"?
Marc G. Fournier
scrappy at hub.org
Mon Apr 3 23:41:05 UTC 2006
yOn Mon, 3 Apr 2006, Robert Watson wrote:
>
> On Mon, 3 Apr 2006, Marc G. Fournier wrote:
>
>> This falls under "well,we broke kill() so that it now reports a PID is not
>> in use even though it is, so its has to be the application that fixes it"
>> ... and you *still* haven't shown *why* kill() reporting a PID is in use,
>> even if its not in the current jail, is such a security threat ...
>
> It is an issue of completeness and consistency. We implement a single set of
> access control checks between processes, and try to avoid exceptions to them.
> This is one of my largest architectural gripes about access control in 4.x,
> actually: everywhere you look, the same "check" is implemented differently.
> Sometimes signal checks are done way, other times, other ways. Likewise,
> debugging, monitoring, etc. In 5.x forward, we use a centralized set of
> access control checks in order to provide consistent, reliable, and easy to
> analyze policy. The more exceptions we introduced, the further we get from
> that goal.
Agreed, in principle ... its just locking down something without a way
around it is ... painful :(
----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email: scrappy at hub.org Yahoo!: yscrappy ICQ: 7615664
More information about the freebsd-stable
mailing list