Date: Sun, 02 Apr 2006 23:17:49 -0400 From: Tom Lane <tgl@sss.pgh.pa.us> To: Kris Kennaway <kris@obsecurity.org> Cc: "Marc G. Fournier" <scrappy@postgresql.org>, freebsd-stable@freebsd.org, pgsql-hackers@postgresql.org Subject: Re: [HACKERS] semaphore usage "port based"? Message-ID: <27515.1144034269@sss.pgh.pa.us> In-Reply-To: <20060403031157.GA57914@xor.obsecurity.org> References: <26524.1144026385@sss.pgh.pa.us> <20060402222843.X947@ganymede.hub.org> <26796.1144028094@sss.pgh.pa.us> <20060402225204.U947@ganymede.hub.org> <26985.1144029657@sss.pgh.pa.us> <20060402231232.C947@ganymede.hub.org> <27148.1144030940@sss.pgh.pa.us> <20060402232832.M947@ganymede.hub.org> <20060402234459.Y947@ganymede.hub.org> <27417.1144033691@sss.pgh.pa.us> <20060403031157.GA57914@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway <kris@obsecurity.org> writes: > On Sun, Apr 02, 2006 at 11:08:11PM -0400, Tom Lane wrote: >> If this is the story, then FBSD have broken their system and must revert >> their change. They do not have kernel behavior that totally hides the >> existence of the other process, and therefore having some calls that >> pretend it's not there is simply inconsistent. > I'm guessing it's a deliberate change to prevent the information > leakage between jails. I have no objection to doing that, so long as you are actually doing it correctly. This example shows that each jail must have its own SysV semaphore key space, else information leaks anyway. The current situation breaks Postgres, and therefore I suggest reverting the errno change until you are prepared to fix the SysV IPC stuff to be per-jail. regards, tom lane
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?27515.1144034269>