From owner-freebsd-hackers Sun Sep 19 16:44: 1 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from freebie.lemis.com (freebie.lemis.com [192.109.197.137]) by hub.freebsd.org (Postfix) with ESMTP id 509581586C; Sun, 19 Sep 1999 16:43:45 -0700 (PDT) (envelope-from grog@freebie.lemis.com) Received: (from grog@localhost) by freebie.lemis.com (8.9.3/8.9.0) id JAA05671; Mon, 20 Sep 1999 09:13:35 +0930 (CST) Date: Mon, 20 Sep 1999 09:13:34 +0930 From: Greg Lehey To: Kazutaka YOKOTA Cc: cvs-committers@freebsd.org, hackers@freebsd.org Subject: Re: panic() the system from the console (was: Re: kern/13721: There is no way to force system panic from console) Message-ID: <19990920091334.Q55065@freebie.lemis.com> References: <73296.937561536@axl.noc.iafrica.com> <19990919113105.X55065@freebie.lemis.com> <199909190929.SAA02517@zodiac.mech.utsunomiya-u.ac.jp> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: <199909190929.SAA02517@zodiac.mech.utsunomiya-u.ac.jp>; from Kazutaka YOKOTA on Sun, Sep 19, 1999 at 06:29:34PM +0900 WWW-Home-Page: http://www.lemis.com/~grog X-PGP-Fingerprint: 6B 7B C3 8C 61 CD 54 AF 13 24 52 F8 6D A4 95 EF Organization: LEMIS, PO Box 460, Echunga SA 5153, Australia Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-41-739-7062 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sunday, 19 September 1999 at 18:29:34 +0900, Kazutaka YOKOTA wrote: > >>> He wanted a to be able to panic() a machine from console without being >>> able to drop to DDB from console. I think this is because he believes >>> that DDB is a security problem. :-) >> >> Well, I'm missing something: the beginning of this thread, so this may >> not be 100% relevant, but I've just had the situation. So: >> >> I believe that panicing the system is also a security problem. But >> sometimes people have hangs and just want to get a dump. Installing >> DDB is overkill for this situation; how about a key attribute that >> panics the system? > > That was exactly the suggestion the original poster made in his PR. > He also believed that assiging the PANIC function to a key > is no worse than having the DDB function key. I think that's a valid statement. Sure, you can return from ddb, whereas you can't from panic, but any abuse would be more likely to be accidental. I'd hope we could think of a *very* difficult key combination to press accidentally. I'd expect at least all of ctrl-alt-shift and some unusual character such as F13. >> It would probably make sense to have a sysctl or >> some such to enable it. > > Or, as the original poster, have a kernel compile option. > > I am not particularly attached to either of the ideas: the sysctl or > the kernel compile option. But, I am now beginning to think sysctl > may be better, as it would enable us to obtain a dump without recompiling > the kernel. That's my reasoning. Most people don't see a necessity for this function, but if they have a hang, they want to be able to enable it quickly. I've taken a look at Dmitry's code; it looks straightforward enough to me that we should commit it. I'll test it if anybody wants it. Greg -- See complete headers for address, home page and phone numbers finger grog@lemis.com for PGP public key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message