From: "H. Peter Anvin" <hpa@zytor.com>
To: Russell King <rmk@arm.linux.org.uk>
Cc: linux-kernel@vger.kernel.org, viro@math.psu.edu
Subject: Re: klibc and logging
Date: Mon, 19 Aug 2002 06:59:02 -0700 [thread overview]
Message-ID: <3D60F9A6.6020304@zytor.com> (raw)
In-Reply-To: 20020819142734.B17471@flint.arm.linux.org.uk
Russell King wrote:
> On Tue, Aug 13, 2002 at 12:12:10AM -0700, H. Peter Anvin wrote:
>
>>However, I'm wondering what to do about logging.
>
>
> While writing my scripts for initramfs, the following thought occurred:
>
> 1. We only need the fd for initramfs.
> 2. We want to log the output from commands executed in initramfs.
>
> Currently with an initrd, we set fd 0, 1, 2 to point to /dev/console.
> Is there any reason we couldn't set fd 0 to /dev/console (maybe from
> inside initramfs) but always setup fd 1 and 2 from the kernel to point
> at a special "translate this into printk" fd ?
>
> This has several advantages:
>
> 1. No need for another "special" device.
> 2. Once the fd is closed, its gone for good - no security concerns with
> apps in userland after boot dumping copious amounts of data into the
> kernel message buffer.
> 3. initramfs programs/scripts don't need to be aware of any special
> logging facilities
>
> The disadvantages:
>
> 1. We need some way to open fd 1 and 2 in the first place; this is
> likely to be a special case, and initramfs is supposed to remove
> special cases from the kernel.
>
I really think this is a bad idea. The kmsg device has different
properties -- for example, you're supposed to tag things with the
message importance. It really matches the syslog(3) interface better.
Also, the special case makes me nervous.
The "DoS opportunity" is a complete and utter red herring. If you have
permission to write /dev/kmsg then you have permission to write
/dev/kmem too!
-hpa
next prev parent reply other threads:[~2002-08-19 13:55 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-08-13 7:12 klibc and logging H. Peter Anvin
2002-08-13 7:52 ` Erik Andersen
2002-08-13 8:04 ` Alexander Viro
2002-08-13 10:12 ` Erik Andersen
2002-08-13 10:38 ` Alexander Viro
2002-08-13 14:27 ` Eric W. Biederman
2002-08-13 18:05 ` H. Peter Anvin
2002-08-13 9:42 ` Miquel van Smoorenburg
2002-08-13 17:41 ` H. Peter Anvin
2002-08-13 17:54 ` Benjamin LaHaise
2002-08-13 17:59 ` H. Peter Anvin
2002-08-13 17:55 ` Randy.Dunlap
2002-08-16 5:05 ` Oliver Xymoron
2002-08-19 13:27 ` Russell King
2002-08-19 13:59 ` H. Peter Anvin [this message]
2002-08-19 16:54 ` Russell King
2002-08-19 16:58 ` H. Peter Anvin
2002-08-19 17:25 ` Russell King
2002-08-19 17:27 ` H. Peter Anvin
2002-08-19 17:29 ` H. Peter Anvin
2002-08-19 19:37 ` Alan Cox
2002-08-19 19:40 ` H. Peter Anvin
2002-08-20 13:22 ` Thunder from the hill
2002-08-20 14:45 ` Russell King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3D60F9A6.6020304@zytor.com \
--to=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rmk@arm.linux.org.uk \
--cc=viro@math.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.