[lttng-dev] lttng enable-channel option for blocking

Mathieu Desnoyers mathieu.desnoyers at efficios.com
Fri Apr 27 08:43:44 EDT 2012 

* Woegerer, Paul (Paul_Woegerer at mentor.com) wrote:
> On 04/27/2012 01:33 PM, Mathieu Desnoyers wrote:
>> A core difference between ulimit and user-space tracing is that ulimit  
>> can only be set within the environment (and access right) of the user  
>> running the application. System-wide tracing sessions can be initiated  
>> by users member of the "tracing" group -- giving them the ability to  
>> potentially DoS an application does not appear to me to be a good  
>> security practice. Thoughts ?
>
> Hmm, how would that look in practice ? Lets assume there is the web  
> server which was started by an init-script in runlevel 3. How does a  
> user that belongs to group tracing hava a chance to DoS the already  
> running running web server. As far as I understand the trace session  
> concept every tracing user can only see (and affect) the tracing session  
> that he initiated. Even if the web server itself runs in a tracing  
> session (of user wwwrun) other tracing users wouldn't see it when they  
> do a "lttng list", right ?

Let me clarify the concept of tracing session in lttng 2.0.

We support launching per-user sessiond, which only interact with the
user's applications. That's all fine with security.

Now, we also support a root system-wide sessiond, which allows kernel
and user-space tracing. The "tracing" group has every right to create a
tracing session and trace the kernel and _all_ applications that were
already or will be running on the system.

So given a tracing session can impact _all_ applications running on the
system, we have to be really careful there.

Thanks,

Mathieu

>
> --
> Paul
>
> -- 
> Paul Woegerer | SW Development Engineer
> Mentor Embedded(tm) | Prinz Eugen Straße 72/2/4, Vienna, 1040 Austria
> P 43.1.535991320
> Nucleus® | Linux® | Android(tm) | Services | UI | Multi-OS
>
> Android is a trademark of Google Inc. Use of this trademark is subject to Google Permissions.
> Linux is the registered trademark of Linus Torvalds in the U.S. and other countries.
>

-- 
Mathieu Desnoyers
Operating System Efficiency R&D Consultant
EfficiOS Inc.
http://www.efficios.com

More information about the lttng-dev mailing list