3 DRD-Safe Problem Areas

Before discussing how to create DRD-safe scripts and how to identify DRD-unsafe commands in current scripts, we look at the activities that are not DRD-safe and therefore must not take place in a DRD session. Once the DRD-unsafe activities have been described, we move on to how to create control scripts and packages that avoid these activities and are DRD-safe.

3.1 Process Communications

Commands executed in the runcmd environment can modify the inactive system image. These commands can also communicate with other processes that may not have been started within the runcmd environment. Those other processes may illegally change the booted system image, or may provide information that is correct for the booted system image but incorrect for the inactive system image.

The following are three examples of unsafe actions related to process communications.

Example 3.1.1 Illegal Kill: A command executed within the runcmd environment terminates a process that was started outside of the runcmd environment. This is unsafe because the running system expects the process to be running and could be actively communicating with that process.
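
A guard for the Illegal Kill case, as an added example that is not part of the original document: a control-script helper that refuses to signal a daemon while the script runs in a DRD session. It assumes the session exports SW_SESSION_IS_DRD=1 (the variable is not named in this section); the function names, return codes and pidfile argument are hypothetical.

```shell
#!/bin/sh
# Added example, not HP's own code.
# Assumption: a DRD (runcmd) session exports SW_SESSION_IS_DRD=1.

# True when the script is operating on the inactive system image.
in_drd_session() {
    [ "${SW_SESSION_IS_DRD:-0}" = "1" ]
}

# stop_daemon PIDFILE   (hypothetical helper)
# Return codes:
#   0  daemon was signalled with TERM
#   2  skipped: DRD session, the process belongs to the booted system
#   3  nothing to do: pidfile missing, malformed, or process not running
stop_daemon() {
    pidfile=$1

    if in_drd_session; then
        # Any process we could reach here was started outside runcmd.
        # The booted system still expects it, so it must not be killed.
        echo "NOTE: DRD session, not stopping daemon ($pidfile)" >&2
        return 2
    fi

    [ -r "$pidfile" ] || return 3
    pid=$(cat "$pidfile")

    # Accept only a plain decimal PID; anything else is treated as stale.
    case $pid in
        ''|*[!0-9]*) return 3 ;;
    esac

    # Signal 0 tests for existence without affecting the process.
    kill -0 "$pid" 2>/dev/null || return 3

    kill -TERM "$pid"
}
```

A control script would call `stop_daemon` in place of a bare `kill` and treat return code 2 as success, leaving the restart of the daemon to the first boot of the modified image.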