This is the mail archive of the elfutils-devel@sourceware.org mailing list for the elfutils project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: patch 5 debuginfod: prometheus metrics


Hi,

On Fri, 2019-11-15 at 12:57 -0500, Frank Ch. Eigler wrote:
> Could you also add a reference to the Prometheus Exposition format. I
> > see it is already in a comment in the code. Best to also add it as See
> > also in the docs.
> 
> OK.

Thanks, that would be good.

> > > +control.  The \fI/metrics\fP webapi endpoint is probably not
> > > +appropriate for disclosure to the public.
> > 
> > So, should there be an option to turn it off?
> 
> IMHO not necessary.  The security section already advises against
> exposing an unprotected debuginfod server to the public.  A front-end
> reverse-proxy would easily filter requests to /metrics.

I think defense in depth is not a bad thing.
You already have local users to which it is exposed.
And it would also make the server do slightly less work.

> > > +#ifdef __linux__
> > > +#define gettid() syscall(SYS_gettid)
> > > +#else
> > > +#define gettid() pthread_self()
> > > +#endif
> > 
> > You might want to rename this since newer glibc might expose gettid().
> 
> OK.

Note that the current code defines tid () as syscall(SYS_getpid).
Should be SYS_gettid.

Cheers,

Mark


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]