Date: Tue, 4 Apr 2006 10:07:44 -0400 From: Vivek Khera <vivek@khera.org> To: freebsd-stable <freebsd-stable@freebsd.org> Subject: Re: [HACKERS] semaphore usage "port based"? Message-ID: <BF8E10A7-389B-4C6B-A81A-50BDB5AAFAD7@khera.org> In-Reply-To: <Pine.GSO.4.43.0604031537190.22397-100000@sea.ntplx.net> References: <Pine.GSO.4.43.0604031537190.22397-100000@sea.ntplx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Apr 3, 2006, at 3:41 PM, Daniel Eischen wrote: >> ... and you *still* haven't shown *why* kill() reporting a PID is >> in use, >> even if its not in the current jail, is such a security threat ... > > For reducing attacks I suppose. But conceptually, something running > in a jail shouldn't be allowed to see out. I don't think it gives you much information given that PIDs come and go and there's no atomicity in checking if it exists, and then finding what it is. Even on the same jail the PID could go away after you check for it before you try to pry into what it is or do something else. I think it is an overly paranoid attempt at hiding information that is otherwise useful. At worst there should be a sysctl to enable it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BF8E10A7-389B-4C6B-A81A-50BDB5AAFAD7>