From: "Ihar 'Philips' Filipau" <filia@softhome.net>
To: David Schwartz <davids@webmaster.com>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Dumb question: Why are exceptions such as SIGSEGV not logged
Date: Mon, 18 Aug 2003 11:34:57 +0200 [thread overview]
Message-ID: <3F409DC1.6070400@softhome.net> (raw)
In-Reply-To: <lOll.3Jp.19@gated-at.bofh.it>
David Schwartz wrote:
>>>
>>> char *foo = 0;
>>> sigset(SIGSEGV,SIG_IGNORE);
>>> for(;;) { *foo = '\5'; }
>>>
>>>Your logfiles just got DoS'ed....
>>Why not then just log uncaught exceptions?
>
> Because deliberately creating an uncaught exception is a perfectly sane,
> reasonable thing to do with well-defined semantics. Applications should feel
> free to do such reasonable things without getting complaints from the system
> administrator that their log is being flooded with garbage.
>
> There is no mechanism that is guaranteed to terminate a process other than
> sending yourself an exception that is not caught. So in cases where you must
> guarantee that your process terminates, it is perfectly reasonable to send
> yourself a SIGILL.
>
You probably have missed some postings on this thread.
This one:
----------------------------------------------
Jakob Oestergaard wrote:
> On Sat, Aug 16, 2003 at 06:06:34PM -0500, David D. Hagood wrote:
>
>>Valdis.Kletnieks@vt.edu wrote:
>>
>>
>>>Consider this code:
>>>
>>> char *foo = 0;
>>> sigset(SIGSEGV,SIG_IGNORE);
>>> for(;;) { *foo = '\5'; }
>>>
>>>Your logfiles just got DoS'ed....
>
> ...
>
> Consider this code:
> for (;;) syslog(LOG_INFO, "root, hurt me please!");
>
> My point being, that if a user wishes to spam the syslog he can.
>
> Please read the syslogd man page - see under "SECURITY THREATS".
> Especially option 5 in that section:
>
> ----------------
> 5. Use step 4 and if the problem persists and is not secondary to a rogue
> program/daemon get a 3.5 ft (approx. 1 meter) length of sucker rod* and
> have a chat with the user in question.
>
> Sucker rod def. -- 3/4, 7/8 or 1in. hardened steel rod, male threaded
> on each end. Primary use in the oil industry in Western North Dakota
> and other locations to pump 'suck' oil from oil wells. Secondary uses
> are for the construction of cattle feed lots and for dealing with the
> occasional recalcitrant or belligerent individual.
> ----------------
>
----------------------------------------------
So you can flood syslog in any way. and syslog(2) I beleive is much
faster than SIGSEGV+kernel solution in this respect ;-)))
> FreeBSD logs any number of normal things that sane, reasonable processes do
> and it's very annoying. A very annoying example is FreeBSD's desire to log
> calls to 'wait' functions with 'SIGCHLD' ignored. How else can portable
> programs say, "I want you to automatically reap my zombies if you can, but
> otherwise, I'll reap them if needed by calling waitpid(WNOHANG) every once
> in a while".
>
If application cannot be responsible for its children - it is just
bad programming practice. Fix applications.
Reapping zombies 'just in case if any' sounds really bad.
next prev parent reply other threads:[~2003-08-18 9:33 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <lg0i.6yo.11@gated-at.bofh.it>
[not found] ` <lgjJ.6Oo.5@gated-at.bofh.it>
[not found] ` <lilr.p2.7@gated-at.bofh.it>
[not found] ` <livc.wX.17@gated-at.bofh.it>
2003-08-17 12:43 ` Dumb question: Why are exceptions such as SIGSEGV not logged Ihar 'Philips' Filipau
[not found] ` <lj7O.14a.1@gated-at.bofh.it>
2003-08-17 12:52 ` Ihar 'Philips' Filipau
2003-08-17 13:09 ` Alan Cox
[not found] ` <lOll.3Jp.19@gated-at.bofh.it>
2003-08-18 9:34 ` Ihar 'Philips' Filipau [this message]
2003-08-18 17:26 ` David Schwartz
2003-08-18 20:50 Hank Leininger
2003-08-18 21:02 ` Mike Fedyk
2003-08-18 21:18 ` Hank Leininger
2003-08-18 21:25 ` Mike Fedyk
2003-08-18 22:12 ` William Lee Irwin III
2003-08-18 22:39 ` David Schwartz
2003-08-18 22:44 ` Mike Fedyk
2003-08-18 22:53 ` David Schwartz
2003-08-19 6:54 ` Denis Vlasenko
2003-08-19 14:52 ` Valdis.Kletnieks
2003-08-19 18:51 ` David Schwartz
-- strict thread matches above, loose matches on Subject: below --
2003-08-18 1:56 Hank Leininger
[not found] <lv8Y.2XU.9@gated-at.bofh.it>
[not found] ` <lv8Y.2XU.11@gated-at.bofh.it>
[not found] ` <lv8Y.2XU.13@gated-at.bofh.it>
[not found] ` <lviD.35d.3@gated-at.bofh.it>
[not found] ` <lviD.35d.1@gated-at.bofh.it>
[not found] ` <lvC1.3p9.11@gated-at.bofh.it>
2003-08-17 14:29 ` Ihar 'Philips' Filipau
2003-08-16 20:10 Michael Frank
2003-08-16 20:49 ` Valdis.Kletnieks
2003-08-16 21:42 ` Jamie Lokier
2003-08-16 23:06 ` David D. Hagood
2003-08-16 23:17 ` Doug McNaught
2003-08-16 23:41 ` Dr. David Alan Gilbert
2003-08-17 8:17 ` Russell King
2003-08-16 23:49 ` Alan Cox
2003-08-17 20:54 ` Jakob Oestergaard
2003-08-18 4:28 ` Michael Frank
2003-08-18 9:15 ` David Schwartz
2003-08-19 2:43 ` H. Peter Anvin
2003-08-19 13:27 ` Jesse Pollard
2003-08-19 19:28 ` David Schwartz
2003-08-19 19:34 ` H. Peter Anvin
2003-08-19 20:01 ` David Schwartz
2003-08-18 14:31 ` William Lee Irwin III
2003-08-18 17:52 ` Michael Frank
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F409DC1.6070400@softhome.net \
--to=filia@softhome.net \
--cc=davids@webmaster.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox