Re: Dumb question: Why are exceptions such as SIGSEGV not logged

[Ihar 'Philips' Filipau]

David Schwartz wrote:
> > > 	char *foo = 0;
> > > 	sigset(SIGSEGV,SIG_IGNORE);
> > > 	for(;;) { *foo = '\5'; }
> > >
> > > Your logfiles just got DoS'ed....
> > Why not then just log uncaught exceptions?
>
> 	Because deliberately creating an uncaught exception is a perfectly sane,
> reasonable thing to do with well-defined semantics. Applications should feel
> free to do such reasonable things without getting complaints from the system
> administrator that their log is being flooded with garbage.
>
> 	There is no mechanism that is guaranteed to terminate a process other than
> sending yourself an exception that is not caught. So in cases where you must
> guarantee that your process terminates, it is perfectly reasonable to send
> yourself a SIGILL.

   You probably have missed some postings on this thread.
   This one:

----------------------------------------------
Jakob Oestergaard wrote:
> On Sat, Aug 16, 2003 at 06:06:34PM -0500, David D. Hagood wrote:
>
> > Valdis.Kletnieks@xxxxxx wrote:
> >
> >
> > > Consider this code:
> > >
> > > 	char *foo = 0;
> > > 	sigset(SIGSEGV,SIG_IGNORE);
> > > 	for(;;) { *foo = '\5'; }
> > >
> > > Your logfiles just got DoS'ed....
>
> ...
>
> Consider this code:
>  for (;;) syslog(LOG_INFO, "root, hurt me please!");
>
> My point being, that if a user wishes to spam the syslog he can.
>
> Please read the syslogd man page - see under "SECURITY THREATS".
> Especially option 5 in that section:
>
> ----------------
> 5.     Use step 4 and if the problem persists and is not secondary to a  rogue
>        program/daemon get a 3.5 ft (approx. 1 meter) length of sucker rod* and
>        have a chat with the user in question.
>
>        Sucker rod def. -- 3/4, 7/8 or 1in. hardened steel rod, male  threaded
>        on  each  end.  Primary use in the oil industry in Western North Dakota
>        and other locations to pump 'suck' oil from oil wells.  Secondary  uses
>        are  for  the construction of cattle feed lots and for dealing with the
>        occasional recalcitrant or belligerent individual.
> ----------------
----------------------------------------------

   So you can flood syslog in any way. and syslog(2) I beleive is much 
faster than SIGSEGV+kernel solution in this respect ;-)))

> 	FreeBSD logs any number of normal things that sane, reasonable processes do
> and it's very annoying. A very annoying example is FreeBSD's desire to log
> calls to 'wait' functions with 'SIGCHLD' ignored. How else can portable
> programs say, "I want you to automatically reap my zombies if you can, but
> otherwise, I'll reap them if needed by calling waitpid(WNOHANG) every once
> in a while".

    If application cannot be responsible for its children - it is just 
bad programming practice. Fix applications.
    Reapping zombies 'just in case if any' sounds really bad.


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/