Date: Mon, 3 Apr 2006 23:10:39 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
To: "Marc G. Fournier" <scrappy@postgresql.org>
Cc: Daniel Eischen <deischen@freebsd.org>, freebsd-stable@freebsd.org, Andrew Thompson <thompsa@freebsd.org>, Kris Kennaway <kris@obsecurity.org>
Subject: Re: [HACKERS] semaphore usage "port based"?
Message-ID: <20060403230850.P76562@fledge.watson.org>
In-Reply-To: <20060403144916.J947@ganymede.hub.org>
References: <Pine.GSO.4.43.0604030817090.21105-100000@sea.ntplx.net> <20060403140902.C947@ganymede.hub.org> <20060403182504.S76562@fledge.watson.org> <20060403144916.J947@ganymede.hub.org>

On Mon, 3 Apr 2006, Marc G. Fournier wrote:

>> The problem here is actually that two postgres instances are trying to use
>> the same semaphore when they are actually different postgres instances.
>
> No, the problem here is that kill(PID, 0) reports that a PID is 'not in use'
> when, in fact, it is, but in a different jail ... can someone explain to me
> how 'not hiding that fact' increases information leakage, or causes a
> security problem?  I could see it if I could then proceed to kill that
> process from a separate jail, but I don't see what as possible ...

So if it's using a different semaphore, why is it finding the semaphore of
another Postgres session and trying to use that?  The problem you're
describing is a property of a collision on a semaphore.  If there's no
semaphore collision, how would it ever find the pid from another jail?

Robert N M Watson
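
The check under discussion, as an added example that is not part of the original message and is not PostgreSQL or FreeBSD code: read the PID that last operated on a System V semaphore, then probe it with kill(pid, 0). That the owner check has this shape is an assumption made here; the function and enum names are hypothetical.

```c
/* Added example: stale-owner check on a SysV semaphore via kill(pid, 0). */
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/sem.h>
#include <sys/wait.h>
#include <unistd.h>

enum owner_state { OWNER_ALIVE, OWNER_ALIVE_NO_PERM, OWNER_NOT_VISIBLE, PROBE_ERROR };

/* Signal 0 delivers nothing; only the existence and permission checks run. */
enum owner_state probe_pid(pid_t pid)
{
    if (kill(pid, 0) == 0) return OWNER_ALIVE;
    if (errno == EPERM) return OWNER_ALIVE_NO_PERM;  /* exists, other uid */
    if (errno == ESRCH) return OWNER_NOT_VISIBLE;    /* gone, or hidden from us */
    return PROBE_ERROR;
}

/* A child touches a fresh semaphore and exits; the parent then asks the
 * kernel who touched it last (GETPID) and probes that PID. */
enum owner_state probe_sem_owner_after_exit(void)
{
    enum owner_state st = PROBE_ERROR;   /* also returned if SysV IPC is unavailable */
    int status, semid = semget(IPC_PRIVATE, 1, IPC_CREAT | 0600);
    if (semid < 0) return st;
    pid_t child = fork();
    if (child == 0) {
        struct sembuf up = { .sem_num = 0, .sem_op = 1, .sem_flg = 0 };
        _exit(semop(semid, &up, 1) == 0 ? 0 : 1);
    }
    if (child > 0 && waitpid(child, &status, 0) == child) {
        int last = semctl(semid, 0, GETPID);  /* PID of last semop() caller */
        if (last == child) st = probe_pid((pid_t)last);
    }
    semctl(semid, 0, IPC_RMID);               /* always remove the set */
    return st;
}

int main(void)
{
    printf("self: %d\n", probe_pid(getpid()));
    printf("exited semaphore owner: %d\n", probe_sem_owner_after_exit());
    return 0;
}
```

OWNER_NOT_VISIBLE is the ambiguous result: the caller gets the same ESRCH for an owner that has exited and, per the report quoted above, for a live owner in a different jail, so a colliding semaphore can look abandoned when it is not.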