Re: [Patch][RFC] fcntl: add ability to stop monitored processes

[Alan Cox]

On Llu, 2005-06-13 at 14:48, Neil Horman wrote:
> The idea I had was to catch processes which are preforming ostensibly
> undesireable filesystem operations (as defined by the actions that F_NOTIFY can
> monitor).  I'm not sure how else to avoid the race condition that can arise
> between the delivery of the F_NOTIFY signal to the monitoring process, and the
> exiting of the monitored process. If you have another thought, I'm certainly
> open to it.

I'm more worried you will make things worse not better. My first thought
was what stops me just filling up the file table with admin work
possibly also involving setuid processes so the end user cannot rescue
the situation.

If its trying to do debugging then ptrace makes sense and the parent
would be notified. Ptrace deals with exit of tracer and security for
you. If you are trying to implement a security policy then the selinux
hooks already allow you to block access to those files by selected
processes anyway just as your F_NOTIFY hook would do, and you could even
write a new security layer with a daemon that decided for the F_NOTIFY
equivalents.

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/