Date: Mon, 20 Sep 1999 09:13:34 +0930 From: Greg Lehey <grog@lemis.com> To: Kazutaka YOKOTA <yokota@zodiac.mech.utsunomiya-u.ac.jp> Cc: cvs-committers@freebsd.org, hackers@freebsd.org Subject: Re: panic() the system from the console (was: Re: kern/13721: There is no way to force system panic from console) Message-ID: <19990920091334.Q55065@freebie.lemis.com> In-Reply-To: <199909190929.SAA02517@zodiac.mech.utsunomiya-u.ac.jp>; from Kazutaka YOKOTA on Sun, Sep 19, 1999 at 06:29:34PM %2B0900 References: <Pine.BSF.4.10.9909161329200.26117-100000@dt014nb6.san.rr.com> <73296.937561536@axl.noc.iafrica.com> <19990919113105.X55065@freebie.lemis.com> <199909190929.SAA02517@zodiac.mech.utsunomiya-u.ac.jp>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday, 19 September 1999 at 18:29:34 +0900, Kazutaka YOKOTA wrote: > >>> He wanted a to be able to panic() a machine from console without being >>> able to drop to DDB from console. I think this is because he believes >>> that DDB is a security problem. :-) >> >> Well, I'm missing something: the beginning of this thread, so this may >> not be 100% relevant, but I've just had the situation. So: >> >> I believe that panicing the system is also a security problem. But >> sometimes people have hangs and just want to get a dump. Installing >> DDB is overkill for this situation; how about a key attribute that >> panics the system? > > That was exactly the suggestion the original poster made in his PR. > He also believed that assiging the PANIC function to a key > is no worse than having the DDB function key. I think that's a valid statement. Sure, you can return from ddb, whereas you can't from panic, but any abuse would be more likely to be accidental. I'd hope we could think of a *very* difficult key combination to press accidentally. I'd expect at least all of ctrl-alt-shift and some unusual character such as F13. >> It would probably make sense to have a sysctl or >> some such to enable it. > > Or, as the original poster, have a kernel compile option. > > I am not particularly attached to either of the ideas: the sysctl or > the kernel compile option. But, I am now beginning to think sysctl > may be better, as it would enable us to obtain a dump without recompiling > the kernel. That's my reasoning. Most people don't see a necessity for this function, but if they have a hang, they want to be able to enable it quickly. I've taken a look at Dmitry's code; it looks straightforward enough to me that we should commit it. I'll test it if anybody wants it. Greg -- See complete headers for address, home page and phone numbers finger grog@lemis.com for PGP public key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990920091334.Q55065>