[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libvir] PATCH: Prevent zombie ssh tunnels

Daniel Veillard wrote:
On Tue, Sep 11, 2007 at 11:35:46AM +0200, Gerd Hoffmann wrote:
Daniel Veillard wrote:
   - the ssh process dies
   - libvirt based application takes some time to notice it
   - the OS span a new process with the same PID after a PID rollabck
Can not happen as long as libvirt hasn't asked for the exist status via
waitpid() because the pid is still in use by the zombie ssh process.

  Hum, which is precisely why we need the patch. Still I would feel a bit
better if we could check that priv->pid is a child of the current process
something like (getppid(priv->pid) == getpid()) test before any kill would
do this easilly I think.

I think Gerd's point was that as long as we haven't waited for the PID within this process before, the PID cannot be reused.

That doesn't mean the situation cannot arise -- for example the main program might be using other libraries as well as libvirt, and those other libraries might blindly wait(2) for children.


Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/
Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod
Street, Windsor, Berkshire, SL4 1TE, United Kingdom.  Registered in
England and Wales under Company Registration No. 03798903

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]