On Sun, Dec 10, 2006 at 08:58:19PM +0100, Pavel Machek wrote:
> Hi!
Hi
> > > > This simple patch allows nbd to expose the nbd-client
> > > > daemon's PID in /sys/block/nbd<x>/pid. This is helpful
> > > > for tracking connection status of a device and for
> > > > determining which nbd devices are currently in use.
> > >
> > > Actually is it needed at all? Perhaps nbd clients should be modified
> > > to put nbdX in their process nam?
> >
> > I don't think that's the right approach; only the kernel can guarantee
> > that a given process is actually managing a given nbd device (I could
> > have some rogue process running around announcing that it's managing
> > nbd2, and then what?)
>
> I'd say "do not run rogue processes as root" :-).
>
> nbd-client should run as root -- I do not think interface was
> carefully audited to run it as a user -- so rogue process should not
> really be a problem.
IOW, you're suggesting I walk the process list from userspace to find a
process for which a) it claims it's running for a given nbd device, and
b) I can verify that it actually has the permissions to do so. That's a
whole lot of code in comparison to
f=open("/sys/block/nbd2/pid", O_RDONLY);
read(f,buf,len);
I think I very much prefer the above two lines, not only for simplicity.
Also, your suggestion relies on users /only/ using the official
nbd-client, and is fragile in cases where that assumption is false
(i.e., it's susceptible to false negatives). The suggested patch does
not have that problem.
--
<Lo-lan-do> Home is where you have to wash the dishes.
-- #debian-devel, Freenode, 2004-09-22
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
