On Mon, Feb 09, 2015 at 11:13:51PM +0000, Rui Paulo wrote: > Author: rpaulo > Date: Mon Feb 9 23:13:50 2015 > New Revision: 278479 > URL: https://svnweb.freebsd.org/changeset/base/278479 > > Log: > Notify devd(8) when a process crashed. > > This change implements a notification (via devctl) to userland when > the kernel produces coredumps after a process has crashed. > devd can then run a specific command to produce a human readable crash > report. The command is most usually a helper that runs gdb/lldb > commands on the file/coredump pair. It's possible to use this > functionality for implementing automatic generation of crash reports. > > devd(8) will be notified of the full path of the binary that crashed and > the full path of the coredump file. >
The more I look at this the more I'm convinced this is quite insecure. At a minimum this should also grow a flag to decide whether notification about jailed process crashes are allowed. Off by default. As it is you pass a path leading to a jail, but that's inherently untrusted and will lead to trouble. -- Mateusz Guzik <mjguzik gmail.com> _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"