科技回声

This is actually quite interesting - I didn't know you could do that, and I will likely employ it in the future, especially with a remote web server or something you can't immediately get to. So as you roll in, you check your email on your phone, and know walking in what you're getting into and likely how to fix it. From a time-optimization viewpoint, this is nigh-invaluable.<p>Plus this guy has some other very nifty articles.<p>But I guess (glancing at first few comments) that "haterz gonna hate."

Fedora's Automated Bug Reporting Tool (abrt) uses this to automatically produce crash reports, which you can sanitize and approve to post in a central location for developers. I imagine that Ubuntu does something similar.

So what happens if the helper application crashes and tries to dump core? Would it try to run another instance of it to handle that crash, and so on, leading to a "core bomb"?

It is nice to know that Linux has this feature, but it essentially amounts to a JIT debugger, and has been in other OSes for a long time. In Windows, it's been there since at least NT 4.

Hook root when a process crashes? How long until an exploit?

So what happens if the helper application crashes and tries to dump core? Would it try to run another instance of it to handle that crash, and so on, leading to a "core bomb"?

It is nice to know that Linux has this feature, but it essentially amounts to a JIT debugger, and has been in other OSes for a long time. In Windows, it's been there since at least NT 4.

Hook root when a process crashes? How long until an exploit?

An obscure kernel feature to get more info about dying processes

5 条评论

An obscure kernel feature to get more info about dying processes

5 条评论