On Thu, 7 Nov 2024 04:48:28 GMT, Serguei Spitsyn <sspit...@openjdk.org> wrote:
>> Larry Cable has updated the pull request incrementally with one additional >> commit since the last revision: >> >> JDK-8342449: fixed missing param in throws msg and renamed local var > > src/jdk.attach/linux/classes/sun/tools/attach/VirtualMachineImpl.java line > 268: > >> 266: * however we can also check the target pid's signal masks to >> see if it catches SIGQUIT and only do so if in >> 267: * fact it does ... this reduces the risk of killing an >> innocent process in the current ns as opposed to >> 268: * attaching to the actual target JVM ... c.f: >> checkCatchesAndSendQuitTo() below. > > This still looks pretty risky and dangerous. I'm thinking if it'd make sense > to check that the target process is a VM process. At least, we know how VM > processes can use the signal mask. Another concern is that the target VM > process might be not exactly the same VM the client was expecting to attach. > I don't know what can be done to ensure this correctness. It should be okay to file a bug/rfe on this. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/21688#discussion_r1838967163
