Re: non-root process and PID files

• Previous message: Terry Lambert: "Re: Fine grained locking (was: FreeBSD mail list etiquitte)"
• In reply to: Leo Bicknell: "Re: non-root process and PID files"
• Next in thread: Wes Peters: "Re: non-root process and PID files"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Tue, 28 Oct 2003 04:46:36 -0800
To: Leo Bicknell <bicknell@ufp.org>

Leo Bicknell wrote:
> Dan Langille wrote:
> > Any suggestions?
>
> Here's a slightly backwards concept.
>
> We're all familar with how you can open a file, remove it from the
> directory, and not have it "go away" until the application closes
> it. Well, extend those semantics to the namespace.
>
> That is, have a directory where any name that does not exist can be
> opened RW, any name that does exist can be opened RO. A file is
> automatically removed when no one has an open descriptor to it anymore.

This is a somewhat neat idea. However, it would open a pretty
big race window, and you could denial-of-service a server by
creating a PID file belonging to some server, and leaving it
there with a bogus PID in it, and anything that was watching
the file R/O to kill -0 it to check if the processs needs to be
restarted would always think the process needs to be restarted.

8-).

Basically, all your processes would end up needing to be SUID
root, at least initially, which would mean breaking most mail
server software. They'd need that so that you could deny any
create except by root to keep ordinary users from DOS'ing a
daemon.

-- Terry
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"

• Previous message: Terry Lambert: "Re: Fine grained locking (was: FreeBSD mail list etiquitte)"
• In reply to: Leo Bicknell: "Re: non-root process and PID files"
• Next in thread: Wes Peters: "Re: non-root process and PID files"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages RFX Networks/ RackAdmin.com ALERT ... below was posted to some security websites. ... | in security and scalable server management on varying levels. ... Got Root? ... Your Server login ID is: ... (comp.os.linux) RFX NETWORKS ALERT ... below was posted to some security websites. ... | in security and scalable server management on varying levels. ... Got Root? ... Your Server login ID is: ... (alt.linux) Solaris Sparc 9 12/3 Core ./installer failing due Java? ... system SUNWadmr System & Network Administration Root ... system SUNWapchd Apache Web Server Documentation ... system SUNWapchu Apache Web Server (usr) ... system SUNWaudd Audio Drivers ... (comp.unix.solaris) core install of Solaris 9 (sparc) package list can be trimmed ? ... This is a server that will have very specific reasons ... system SUNWadmr System & Network Administration Root ... system SUNWeu8os American English/UTF-8 L10N For OS Environment User Files ... system R SUNWfcip Sun FCIP IP/ARP over FibreChannel Device Driver ... (comp.unix.solaris) [Full-Disclosure] RFX Networks ... | in security and scalable server management on varying levels. ... | monitor to take action during situations of service failure. ... Got Root? ... Your Server login ID is: ... (Full-Disclosure)