On 08/04, Linus Torvalds wrote: > > On Sun, 4 Aug 2024 at 11:53, Oleg Nesterov <oleg@xxxxxxxxxx> wrote: > > > > Apart from SIGKILL, the dumper already has the full control. > > What do you mean? It's a regular usermodehelper. It gets the dump data > as input. That's all the control it has. I meant, the dumping thread can't exit until the dumper reads the data from stdin or closes the pipe. Until then the damper can read /proc/pid/mem and do other things. > > And note that the dumper can already use ptrace. > > .. with the normal ptrace() rules, yes. > > You realize that some setups literally disable ptrace() system calls, > right? Which your patch now effectively sidesteps. Well. If, say, selinux disables ptrace, then ptrace_attach() in this patch should also fail. But if some setups disable sys_ptrace() as a system call... then yes, I didn't know that. > THAT is why I don't like it. ptrace() is *dangerous*. And horrible ;) > Just adding some implicit tracing willy-nilly needs to be something > people really worry about. Ok, as I said I won't insist. Oleg.
