List:       argante
Subject:    [argante] Re: random, delusional thoughts
From:       Michal Zalewski <lcamtuf () coredump ! cx>
Date:       2002-06-17 11:09:38

On Mon, 17 Jun 2002, James Kehl wrote:

>> What do you mean by making the state of one app available to another?
>> Perhaps you are thinking about a shared memory?
> No, more like a shared FD...

First, how do you want to share FDs across machines? Then, what's the
purpose? Data can be transferred over rIPC with ease. There would be no
significant performance or functionality gain...

> As another example, consider a database where you connect and send it a
> query, and then you can manipulate the dataset that query returns. If a
> program (A) wants another program (B) to do some manipulations on a
> dataset belonging to A how is this done? Clearly program C should not
> have access to the dataset.

Database server sends results to the client, client makes changes,
eventually updates database. If we want to avoid full transfers, client
can just send specific queries / requests regarding the dataset that is
stored on the server as a context for this rIPC session.

> Shared memory (shared-by-copying it, at least, and remotely there's no
> other kind) is inefficient.

Duh? You can't say "shared memory (of this or other kind) is inefficient".
It is how we use it that makes it efficient or not. If you don't want to
transfer whole memory as the client does not need it, keep it on the
server and provide an API for manipulating this data.

> It could equally be locally manipulated to crash the remote server.

Huh?

> Signal masks set by sigblock & co are inherited, even by suid programs
> (afaik). You can then mask SEGV, send it to yourself, exec a suid, and,
> if it unmasks, wait for coredump!

Since when do setuids dump core?

> Equally, and I hadn't considered this one much, programs which use
> signals for IPC (mebbe even CHLD? whee!) can be hung/munged. Especially
> nice if there's a lock file.

You can kill a program with SIGKILL. You don't have to play such tricks.

-- 
_____________________________________________________
Michal Zalewski [lcamtuf@bos.bindview.com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/

-- -----------------------------------------------------------------------
   Unsubscribe: mail argante-request@linuxpl.org -s unsubscribe </dev/null
