On Fri, Dec 21, 2001 at 10:17:35AM -0500, Gary MacDougall wrote: > In the kernel (ok, stand up you kernel guru's!), when a > "segmentation fault" is raised, I don't care where, doesn't the > kernel get some sort of notification event? Of course the kernel knows. The kernel is why seg faults can happen. Recall the days of Windows 95 and MacOS < X where those operating systems did not have much (any) memory protection. Programs were free to dance all over memory, blowing away random bits from the system. The OS did not keep track of such accesses and it was unable to take action to prevent a program from accessing the memory used by other programs or even the OS itself. With a real operating system (like Linux), the kernel manages what memory is allocated to whom, and the kernel is the one that terminates the program when it tries doing something it shouldn't. Just for fun, try using the kill command to send a SEGV signal to some (expendable) process. That process will segfault! This is precisely how the kernel terminates a process when it's committed a segmentation violation. So, in short, seg faults *come*from* the kernel, so of course the kernel knows when a program segfaults. I know that in (at least) FreeBSD, all segfaults are logged to syslog. That's a pretty neat feature, and it can help to alert you to possible security issues. I don't know if that's possible in Linux. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Attachment:
pgpOCdsqVjIhf.pgp
Description: PGP signature