Russell King wrote:
> On Tue, Aug 13, 2002 at 12:12:10AM -0700, H. Peter Anvin wrote:
>
>>However, I'm wondering what to do about logging.
>
>
> While writing my scripts for initramfs, the following thought occurred:
>
> 1. We only need the fd for initramfs.
> 2. We want to log the output from commands executed in initramfs.
>
> Currently with an initrd, we set fd 0, 1, 2 to point to /dev/console.
> Is there any reason we couldn't set fd 0 to /dev/console (maybe from
> inside initramfs) but always setup fd 1 and 2 from the kernel to point
> at a special "translate this into printk" fd ?
>
> This has several advantages:
>
> 1. No need for another "special" device.
> 2. Once the fd is closed, its gone for good - no security concerns with
> apps in userland after boot dumping copious amounts of data into the
> kernel message buffer.
> 3. initramfs programs/scripts don't need to be aware of any special
> logging facilities
>
> The disadvantages:
>
> 1. We need some way to open fd 1 and 2 in the first place; this is
> likely to be a special case, and initramfs is supposed to remove
> special cases from the kernel.
>
I really think this is a bad idea. The kmsg device has different
properties -- for example, you're supposed to tag things with the
message importance. It really matches the syslog(3) interface better.
Also, the special case makes me nervous.
The "DoS opportunity" is a complete and utter red herring. If you have
permission to write /dev/kmsg then you have permission to write
/dev/kmem too!
-hpa
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Aug 23 2002 - 22:00:17 EST