svn commit: r187607 - head/usr.bin/truss
brde at optusnet.com.au
Sun Jan 25 10:28:56 PST 2009
On Sun, 25 Jan 2009, Ed Schouten wrote:
> * Bruce Evans <brde at optusnet.com.au> wrote:
>> I think it is the longstanding kernel bug in permissions checking
>> generally, that the init process and some other non-kernel processes
>> are bogusly marked as P_SYSTEM. I use the following fix (this may
>> be incomplete):
> I just looked at the patch and it seems to do the right thing. I can't
> seem to find any places in the kernel where it makes sense to let
> init(8) use P_SYSTEM (except kern_sig.c ofcourse). I like the cleanups
> you made, especially the comparisons with initproc instead of using the
> Would you mind if I commit your patch to SVN?
OK, but please think about the following possible problems:
- permissions should be decided in the usual way for init (root should
not be restricted except for impossible things), but maybe something
(jail?) depends on extra restrictions.
- P_SYSTEM has something to do with swapping, and I also removed the
PS_INMEM setting for init. I have always used NO_SWAPPING and haven't
used a swap partition since memory sizes reached 64MB, so I wouldn't
have noticed problems with this. init doesn't run often so it is
quite likely to be swapped (if allowed to) if real memory runs out.
More information about the svn-src-head