On Sunday, 19 September 1999 at 18:29:34 +0900, Kazutaka YOKOTA wrote:
>
>>> He wanted a to be able to panic() a machine from console without being
>>> able to drop to DDB from console. I think this is because he believes
>>> that DDB is a security problem. :-)
>>
>> Well, I'm missing something: the beginning of this thread, so this may
>> not be 100% relevant, but I've just had the situation. So:
>>
>> I believe that panicing the system is also a security problem. But
>> sometimes people have hangs and just want to get a dump. Installing
>> DDB is overkill for this situation; how about a key attribute that
>> panics the system?
>
> That was exactly the suggestion the original poster made in his PR.
> He also believed that assiging the PANIC function to a key
> is no worse than having the DDB function key.
I think that's a valid statement. Sure, you can return from ddb,
whereas you can't from panic, but any abuse would be more likely to be
accidental. I'd hope we could think of a *very* difficult key
combination to press accidentally. I'd expect at least all of
ctrl-alt-shift and some unusual character such as F13.
>> It would probably make sense to have a sysctl or
>> some such to enable it.
>
> Or, as the original poster, have a kernel compile option.
>
> I am not particularly attached to either of the ideas: the sysctl or
> the kernel compile option. But, I am now beginning to think sysctl
> may be better, as it would enable us to obtain a dump without recompiling
> the kernel.
That's my reasoning. Most people don't see a necessity for this
function, but if they have a hang, they want to be able to enable it
quickly.
I've taken a look at Dmitry's code; it looks straightforward enough to
me that we should commit it. I'll test it if anybody wants it.
Greg
--
See complete headers for address, home page and phone numbers
finger [EMAIL PROTECTED] for PGP public key
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
