Date: Tue, 14 Sep 2004 17:32:14 +0200
From: Ingo Molnar <mingo@elte.hu>
To: Albert Cahalan <albert@users.sf.net>
Cc: linux-kernel mailing list <linux-kernel@vger.kernel.org>,
       wli@holomorphy.com, cw@f00f.org, anton@samba.org
Subject: Re: /proc/sys/kernel/pid_max issues
Message-ID: <20040914153214.GA15558@elte.hu>
References: <1095045628.1173.637.camel@cube> <20040913075743.GA15722@elte.hu> <1095083649.1174.1293.camel@cube>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1095083649.1174.1293.camel@cube>
User-Agent: Mutt/1.4.1i
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1134
Lines: 32


* Albert Cahalan <albert@users.sf.net> wrote:

> > > I'd much prefer LRU allocation. There are
> > > lots of system calls that take PID values.
> > > All such calls are hazardous. They're pretty
> > > much broken by design.
> > 
> > this is a pretty sweeping assertion. Would you
> > care to mention a few examples of such hazards?
> 
> kill(12345,9)
> setpriority(PRIO_PROCESS,12345,-20)
> sched_setscheduler(12345, SCHED_FIFO, &sp)
> 
> Prior to the call being handled, the process may
> die and be replaced. Some random innocent process,
> or a not-so-innocent one, will get acted upon by
> mistake. This is broken and dangerous.

easy to fix: SIGSTOP the task, check it's really
the one you want and then do the setpriority / 
setscheduler call and SIGCONT it. Any privileged
code that is about to spread some of its privileges
via asynchronous system-calls need to be careful.

	Ingo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/