From owner-freebsd-hackers  Sun Sep 19  2:25:24 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from outmail.utsunomiya-u.ac.jp (outmail.utsunomiya-u.ac.jp [160.12.196.3])
	by hub.freebsd.org (Postfix) with ESMTP
	id C904114C2C; Sun, 19 Sep 1999 02:25:22 -0700 (PDT)
	(envelope-from yokota@zodiac.mech.utsunomiya-u.ac.jp)
Received: from zodiac.mech.utsunomiya-u.ac.jp (IDENT:QGXUBFAWnR1ZUYIhrKFcmVVUgUeiB/5o@zodiac.mech.utsunomiya-u.ac.jp [160.12.42.1])
	by outmail.utsunomiya-u.ac.jp (8.9.3/3.7Wpl2) with ESMTP id SAA24462;
	Sun, 19 Sep 1999 18:25:14 +0900 (JST)
Received: from zodiac.mech.utsunomiya-u.ac.jp (zodiac.mech.utsunomiya-u.ac.jp [160.12.42.1]) by zodiac.mech.utsunomiya-u.ac.jp (8.7.6+2.6Wbeta7/3.4W/zodiac-May96) with ESMTP
	id SAA02517; Sun, 19 Sep 1999 18:29:34 +0900 (JST)
Message-Id: <199909190929.SAA02517@zodiac.mech.utsunomiya-u.ac.jp>
To: Greg Lehey <grog@lemis.com>
Cc: FreeBSD-committers@freebsd.org, hackers@freebsd.org
Subject: Re: panic() the system from the console (was: Re: kern/13721: There
	 is no way to force system panic from console) 
In-reply-to: Your message of "Sun, 19 Sep 1999 11:31:06 +0930."
             <19990919113105.X55065@freebie.lemis.com> 
References: <Pine.BSF.4.10.9909161329200.26117-100000@dt014nb6.san.rr.com>
	 <73296.937561536@axl.noc.iafrica.com>  <19990919113105.X55065@freebie.lemis.com> 
Date: Sun, 19 Sep 1999 18:29:34 +0900
From: Kazutaka YOKOTA <yokota@zodiac.mech.utsunomiya-u.ac.jp>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


>> He wanted a to be able to panic() a machine from console without being
>> able to drop to DDB from console. I think this is because he believes
>> that DDB is a security problem. :-)
>
>Well, I'm missing something: the beginning of this thread, so this may
>not be 100% relevant, but I've just had the situation. So:
>
>I believe that panicing the system is also a security problem.  But
>sometimes people have hangs and just want to get a dump.  Installing
>DDB is overkill for this situation; how about a key attribute that
>panics the system?  

That was exactly the suggestion the original poster made in his PR.
He also believed that assiging the PANIC function to a key
is no worse than having the DDB function key.

>It would probably make sense to have a sysctl or
>some such to enable it.

Or, as the original poster, have a kernel compile option.

I am not particularly attached to either of the ideas: the sysctl or
the kernel compile option.  But, I am now beginning to think sysctl
may be better, as it would enable us to obtain a dump without recompiling
the kernel.

Kazu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message