Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 31 Oct 2013 01:29:25 +0100
From:      dt71@gmx.com
To:        Colin Percival <cperciva@freebsd.org>, freebsd-hackers@freebsd.org
Subject:   Re: Automated submission of kernel panic reports
Message-ID:  <5271A465.2030206@gmx.com>
In-Reply-To: <526F8EB3.1040205@freebsd.org>
References:  <526F8EB3.1040205@freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Notes/advice/recommendations/proposals/questions/whatever:

This smells of having a potential to make an admin accidentally transmit undesired information, as well as adding some attack surface.

Without testing, I bet that a reguler user will be able to read the panicmail.N file (which will contain the textdump) -- the umask/permissions are not set up properly.

I very much dislike the non-use of double quotes around variable expansions and things like that in the shell code.

The return code of /usr/local/bin/pkesh should be handled.

Place a comment to the location in the code where an admin could put an add-on script that can automatically modify the text to be submitted (both automatic and confirmed mode).

What if the /var/crash/{info,vmcore}.last symlinks were used as a basis for selecting the last dump, instead of the current "$((`cat bounds` - 1))"/"$1" method?

What's wrong with "our" /bin/sh? If a temporary file is used for kgdb commands anyway, would it not be cleaner to use ``-x ${tmpfile}'' instead of input-piping?

How about: ${panicmail_sendto} could be "Full Name <e-mail@address>"?

"# Remove temporary file" is a bit superfluous.

Choose a consistent commenting style: either use periods/fullstops, or don't.

I'd personally use ``>'' instead of ``>>'' first in panicmail_gather().



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5271A465.2030206>