Subject: Re: [linux-audio-dev] [SOURCE] rt monitor to kill runaway RT processes
From: n++k (knos_AT_free.fr)
Date: Fri Aug 30 2002 - 00:21:49 EEST
/wrote Stefan Westerfeld <stefan_AT_space.twc.de> [Thu, 29 Aug 2002 21:16:59
+0200]
| Hi!
|
|On Wed, Aug 28, 2002 at 10:15:54AM -0400, Paul Davis wrote:
|> a side note: JACK, when run in RT mode, launches its own maximal
|> priority thread to perform exactly this function. all other RT threads
|> run at lower priorities. i believe that it is not possible to use JACK
|> to perform DOS attacks like this unless the client modifies its
|> scheduling priority itself.
|
|As far as I understood this, you have a client thread with raised priority
|that gets monitored. However, couldn't an attacker fork() in this thread,
|to transport priviledges to another (unrelated) process, and then kill -9
|all other processes with priviledges, and then do his DOS attack?
Anyway, what is the point of all this? I have nothing against security,
but:
1. that dos vulnerability is a local one
2. local dos vulnerabilities are of importance for systems where
"untrusted" users are roaming
2 doesn't seem like the typical setup where one would run a server
dedicated to realtime audio like JACK, especially not in RT mode, as
you'd have no guarantee anyway you'd have enough cpu for the many
softsynths/audio software you'd want to play with..
Of course nothing forbids in an imaginary world to use jack
as an esd/arts replacement, but it doesn't make sense then to run
it in RT mode.
This archive was generated by hypermail 2b28 : Fri Aug 30 2002 - 00:36:49 EEST