Cliff Woolley wrote:
I can't guess.On Wed, 19 Feb 2003, Jeff Trawick wrote:>The attached patch changes sig_coredump to call a hook. In the fullness >of time, the ap_exception_info_t provided to the hook would contain any >and all relevant information available to a signal/exception handler >(e.g., siginfo_t on many Unix variants). >... >Thoughts/concerns? Why do I fear this would be a security problem waiting to happen? :-/
Assume that we have a bug such that a malicious user can cause us to segfault at will. If some module implements the fatal exception hook then what are you afraid that it will do that it couldn't have done in any other hook?
