[OpenAFS-devel] Re: [PATCH] in-core AFS multiplexor and PAG support
Pavel Machek
pavel@suse.cz
Sun, 18 May 2003 20:06:24 +0200
> > ? If he has same uid as you *and* you
> > have >=1 process running, what prevents
> > him from gdb attach <that process>,
> > and force it to do whatever he needs
> > by forcing syscall?
> > Pavel
>
> That's a good point, and perhaps it should be an option to not allow
> ptrace or other potentially dangerous operations between processes in
> different pags. But leave that optional, as it might still be useful -
> for example, logging in and diagnosing a daemon running in a separate
> pag.
>
> It's not clear if this would be best as a per-pag flag or a global one
> though.
Well, at that point you are getting quite far away from unix....
And this decision is pretty fundamental.
>
> -- Nathan
>
> ------------------------------------------------------------
> Nathan Neulinger EMail: nneul@umr.edu
> University of Missouri - Rolla Phone: (573) 341-4841
> Computing Services Fax: (573) 341-4216
--
Horseback riding is like software...
...vgf orggre jura vgf serr.