Subject: Re: Segmentation fault disaster
To: David Jones <email@example.com>
From: Chris G Demetriou <Chris_G_Demetriou@LAGAVULIN.PDL.CS.CMU.EDU>
Date: 04/20/1995 18:41:18
> The _REAL_ solution is to have well-documented, portable, extensible APIs
> for the functions that currently require access to the kernel symbol table
> and /dev/kmem. Perhaps stuff can be added to sysctl()...
Every time you do this, someone will need something more than you
provide. I guarantee it.
>Computing the load average is a commonplace operation. Many programs want
>to do it to take different actions depending on how badly the system is loaded.
>I know of many inet servers that do this. However:
> - You probably spend more time reading the kernel symbol table than you'd
> save by taking the action you'd take if the load was low.
> - You require access to /dev/kmem (suid root or sgid kmem) which is an
> inherent security flaw that may develop into a hole.
you know that the load average is currently gotten through sysctl, right?
> Unless you are debugging a kernel, /dev/kmem should not even have to exist.
While that's a nice sentiment (that i can't really agree with, since i
_always_ am hacking in the kernel... 8-), i think it's problematic
because there's always "one more thing" that various programs will
want access to.