[Linux-HA] File descriptors in heartbeat V1

Alan Robertson alanr at unix.sh
Wed Oct 26 08:02:38 MDT 2005


Simon Rowe wrote:
> I notice that all heartbeat processes have all heartbeat media fds open, e.g. 
> the serial processes have the ethernet fds open. This is less than ideal in 
> terms of resource usage and security.
> 
> Is this an oversight or a limitation of the V1 architecture?

Well... It's only a security problem if they read or write them.  Only 
the appropriate child processes read or write them.

It's only a resource problem if they were different file descriptors. 
In the kernel, they're all the same file descriptor - so no additional 
resources are consumed.

It would be a bit of a pain to fix this.

Lots of different things (like STONITH modules and logging processes) 
open various file descriptors and leave them open.

Knowing exactly which ones are needed for what purposes is difficult.

1.2.3 has a semi-major bug in that respect - we closed some that we 
shouldn't have.  Took us a long time to track down.  1.2.4 will be the 
last 1.2.x version (and it has that fixed when it comes out).

It wouldn't be so hard to close the _media_ file descriptors that aren't 
needed.  But, I don't know of any attacks that can take advantage of 
them being open.  If you know of any such attacks, then please send 
specific information about them to the security mailing list (not to 
this one).

The read/write child process code is very simple.


-- 
     Alan Robertson <alanr at unix.sh>

"Openness is the foundation and preservative of friendship...  Let me 
claim from you at all times your undisguised opinions." - William 
Wilberforce
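
The cleanup discussed above, closing the media file descriptors a child does not need after fork(), shown as an added example that is not heartbeat's code and not part of the original message. The function names are hypothetical, and /dev/null descriptors stand in for the real media fds:

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_MEDIA 8
/* Close every inherited media descriptor except the one this child serves. */
static void close_unneeded(const int *media, int n, int keep) {
    for (int i = 0; i < n; i++)
        if (media[i] != keep)
            close(media[i]);
}

/* Count how many of the media descriptors are still open in this process. */
static int count_open(const int *media, int n) {
    int open_count = 0;
    for (int i = 0; i < n; i++)
        if (fcntl(media[i], F_GETFD) != -1)
            open_count++;
    return open_count;
}

/* Fork the child for media[child_idx]; return how many media fds it holds, -1 on error. */
int media_fds_open_in_child(int n_media, int child_idx, int do_close) {
    int media[MAX_MEDIA], opened = 0, status = 0, result = -1;
    if (n_media < 1 || n_media > MAX_MEDIA || child_idx < 0 || child_idx >= n_media)
        return -1;
    /* Constructed stand-ins: /dev/null instead of real serial/ethernet fds. */
    while (opened < n_media && (media[opened] = open("/dev/null", O_RDWR)) >= 0)
        opened++;
    if (opened == n_media) {
        pid_t pid = fork();
        if (pid == 0) {   /* child: clean up, then report via exit status */
            if (do_close)
                close_unneeded(media, n_media, media[child_idx]);
            _exit(count_open(media, n_media));
        }
        if (pid > 0 && waitpid(pid, &status, 0) == pid && WIFEXITED(status))
            result = WEXITSTATUS(status);
    }
    for (int i = 0; i < opened; i++)   /* parent releases its own copies */
        close(media[i]);
    return result;
}

int main(void) {
    printf("as-is: %d open, cleaned: %d open\n", media_fds_open_in_child(3, 1, 0), media_fds_open_in_child(3, 1, 1));
    return 0;
}
```

The keep-list here is a single descriptor; a real child would also have to keep whatever logging or plugin descriptors it depends on, which is the difficulty the message describes.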


