[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] OpenRC supporting systemd units
From:       Rich Freeman <rich0 () gentoo ! org>
Date:       2013-05-08 20:18:11
Message-ID: CAGfcS_nOsNTfAnmbthazV_YWQi50aO9pUjj116rQGexRY-evpQ () mail ! gmail ! com
[Download RAW message or body]

On Wed, May 8, 2013 at 4:06 PM, Ch=C3=AD-Thanh Christopher Nguy=E1=BB=85n
<chithanh@gentoo.org> wrote:
> You could be looking at someone trying to compromise your system through =
a
> buffer overflow or similar vulnerability. If you enable automatic respawn
> then congratulations, you just gave the attacker unlimited tries to guess
> the correct address/offset for his exploit.

Hence the reason it is highly use-case dependent.  The same could be
said of inittab restarting agetty indefinitely.

You can configure rate-limiting on restarts, etc.

Somebody mentioned fork-bombs and cgroups.  From what I can read when
a systemd restarts something it first stops it and then starts it.
Stopping a unit by default involves sending SIGTERM followed by
SIGKILL to the cgroup.  In general your processes won't be getting
away unless they're root and manipulating such things.

Much of the systemd behavior is configurable though - you could
configure a unit to only kill the "main" process, and for that matter
you can configure how systemd figures out the PID of the "main"
process.

This is getting a bit off-topic though.  I doubt anybody is going to
want default behavior on a systemd unit to be to auto-restart, unless
you're talking about stuff that already goes into inittab.  If anybody
wants stuff to auto-restart they'll edit their unit files (so files in
/etc should override files elsewhere, or they should get config
protection).

Rich

[prev in list] [next in list] [prev in thread] [next in thread]