Subject: Re: chroot vs namespaces (Was: Sys(k)logd running as non-root)
From: Mitchell Blank Jr (mitchsfgoth.com)
Date: Fri Sep 22 2000 - 10:46:47 CDT


Solar Designer wrote:
> > That's what I usually do in these sorts of cases. Scripts that issue
> > signals need minor tweaking, but it's worth it.
>
> If you can modify the scripts, you can do better than that (such as,

Yes, but allowing zero-length pid files is a really minor change

          pidfile=/var/run/daemon.pid
        - if [ -f $pidfile ]
        + if [ -s $pidfile ]
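
Review bot: on the `+` line, `[ -s $pidfile ]` only establishes that the file exists and is non-empty, so any non-empty content is still accepted as a pid by the script that issues the signal; confirm the content is a bare decimal number before using it. `$pidfile` is also unquoted in both the `-` and `+` lines; `[ -s "$pidfile" ]` keeps the test well-formed if the variable is empty or the path contains whitespace.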

Note that RedHat 6.2's /etc/rc.d/init.d/functions already handles zero-
length .pid files correctly, although they do it differently.

> It's kill(2) that's inherently racy.

True, at least on any pid other than yourself :-)

> I've already proposed lockpid(2) (on this list a year ago), which can
> be used to solve more than just the pidfile race.

Hmmm, I suppose so, but something feels so, uh, un-UNIX about it. Will
these locks be reference counted (i.e. if pid A holds a lock on pid B and
then dies itself, will the lock automatically be released?)

How about a /proc/NNNN/pidlock file - the pid would be locked as long
as someone has it open (of course, you need to have permission to
signal before you may open it). That would be really simple to implement,
no extra syscall, and reference counting would handle itself.

-Mitch
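
Added example, not part of the original message or of any init script it mentions: a shell helper that applies the `-s` check from the message and also refuses anything that is not a plain pid before a script signals it. `pid_from_file` and the sample files are hypothetical; the window between this check and the later kill(2) remains, which is the race the thread discusses.

```shell
#!/bin/sh
# Added example; pid_from_file and the sample files are hypothetical.
# Prints the pid and returns 0 only when the file is safe to act on.
# Status: 1 = missing/empty/unreadable, 2 = not a usable pid, 3 = no such process.
pid_from_file() {
    pidfile=$1
    pid=
    # -s is true only for an existing file of size > 0, so a zero-length
    # placeholder pid file is treated as "daemon not running".
    [ -s "$pidfile" ] || return 1
    # Take the first line only; a missing trailing newline is accepted.
    IFS= read -r pid < "$pidfile" || [ -n "$pid" ] || return 1
    case $pid in
        ''|*[!0-9]*) return 2 ;;  # blank, negative, or non-numeric
    esac
    # As kill targets, 0 is the caller's process group and 1 is init.
    [ "$pid" -gt 1 ] 2>/dev/null || return 2
    # Signal 0 delivers nothing; it only checks existence and permission.
    kill -0 "$pid" 2>/dev/null || return 3
    printf '%s\n' "$pid"
}

# Constructed sample pid files, for demonstration only.
tmp=$(mktemp -d)
: > "$tmp/empty.pid"                  # zero-length placeholder
printf '%s\n' '-1' > "$tmp/neg.pid"   # kill target -1 = all processes
printf '%s\n' "$$" > "$tmp/self.pid"  # this shell, known to exist
for f in empty neg self; do
    if p=$(pid_from_file "$tmp/$f.pid"); then
        echo "$f: ok, pid $p"
    else
        echo "$f: refused (status $?)"
    fi
done
rm -rf "$tmp"
```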