Date: Sun, 19 Sep 1999 18:29:34 +0900 From: Kazutaka YOKOTA <yokota@zodiac.mech.utsunomiya-u.ac.jp> To: Greg Lehey <grog@lemis.com> Cc: FreeBSD-committers@freebsd.org, hackers@freebsd.org Subject: Re: panic() the system from the console (was: Re: kern/13721: There is no way to force system panic from console) Message-ID: <199909190929.SAA02517@zodiac.mech.utsunomiya-u.ac.jp> In-Reply-To: Your message of "Sun, 19 Sep 1999 11:31:06 %2B0930." <19990919113105.X55065@freebie.lemis.com> References: <Pine.BSF.4.10.9909161329200.26117-100000@dt014nb6.san.rr.com> <73296.937561536@axl.noc.iafrica.com> <19990919113105.X55065@freebie.lemis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>> He wanted a to be able to panic() a machine from console without being >> able to drop to DDB from console. I think this is because he believes >> that DDB is a security problem. :-) > >Well, I'm missing something: the beginning of this thread, so this may >not be 100% relevant, but I've just had the situation. So: > >I believe that panicing the system is also a security problem. But >sometimes people have hangs and just want to get a dump. Installing >DDB is overkill for this situation; how about a key attribute that >panics the system? That was exactly the suggestion the original poster made in his PR. He also believed that assiging the PANIC function to a key is no worse than having the DDB function key. >It would probably make sense to have a sysctl or >some such to enable it. Or, as the original poster, have a kernel compile option. I am not particularly attached to either of the ideas: the sysctl or the kernel compile option. But, I am now beginning to think sysctl may be better, as it would enable us to obtain a dump without recompiling the kernel. Kazu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909190929.SAA02517>