Re: daemon-less kmod & Alpha no-go!

Adam J. Richter (adam@yggdrasil.com)
Wed, 22 Apr 1998 11:13:57 -0700


To Steve: if the libc definition of sigfillset is
being imported into the kernel on Alpha, the problem is probably
that some kernel include file is importing a libc include
file when it should not. You can use 'cc -E' to track this
problem down.

To Mikael: there is nothing wrong per se with the kernel
doing sigfillset(&current->blocked) in certain places. The only
problem is that the wrong definition of sigfillset is being imported.

To Richard: the reason that I included the call
to sigfillset(&current->blocked) is that I was worried about
the following fairly obscure security hack that might work if
/sbin/modprobe is not present for some reason. I believe (and
I am not sure) that after the attempt to execve fails and
starts to return, the system call return code will check for
a signal (maybe this is not done for system calls executed
from within the kernel?). By setting up a user-defined signal
handler, which would be inherited through the create_thread() call,
it would be possible to get that signal handler to execute as the
superuser, since current->uid and current->euid were set to zero just
prior to the execve.

Adam J. Richter __ ______________ 4880 Stevens Creek Blvd, Suite 205
adam@yggdrasil.com \ / San Jose, California 95129-1034
+1 408 261-6630 | g g d r a s i l United States of America
fax +1 408 261-6631 "Free Software For The Rest Of Us."

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
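The hazard Adam describes above, modelled in user space as an added example (this is not code from the message, from kmod, or from the kernel). The parent process stands in for the user process whose signal handlers the kernel thread would inherit; the forked child stands in for the kmod thread that tries to execve a helper. A signal that is pending when a system call returns is delivered to the inherited handler at that point, so with nothing blocked the handler runs even though the execve failed; with every signal blocked via sigfillset() it stays pending and never runs. The helper path "/nonexistent/sbin/modprobe" is constructed so that execve() fails with ENOENT, and the function name spawn_helper() is this example's own.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Set by the inherited handler; stands in for attacker-controlled code
 * that would run with the kernel thread's (root) credentials. */
static volatile sig_atomic_t handler_ran = 0;

static void inherited_handler(int sig)
{
    (void)sig;
    handler_ran = 1;
}

/* Model of the kmod thread.  Installs a user-defined SIGUSR1 handler in
 * the parent (the "user process"), forks a child that inherits it, and
 * has the child try to execve `path`.  If `block_all` is non-zero the
 * child first does sigfillset()+sigprocmask(), the user-space analogue
 * of sigfillset(&current->blocked).  Returns 1 if the inherited handler
 * ran in the child before execve()'s failure was reported, 0 if it did
 * not, -1 on fork/wait error.  Assumes `path` does not exist; if it does,
 * the child is replaced and the exec'd program's exit status is returned. */
int spawn_helper(const char *path, int block_all)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = inherited_handler;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGUSR1, &sa, NULL) != 0)
        return -1;

    pid_t pid = fork();
    if (pid < 0)
        return -1;

    if (pid == 0) {
        sigset_t all;
        sigfillset(&all);
        sigprocmask(SIG_BLOCK, &all, NULL);

        /* A signal arrives while everything is blocked: it stays pending.
         * (Self-raised here; an attacker would send it from outside.) */
        raise(SIGUSR1);

        if (!block_all) {
            /* Unprotected variant: nothing is blocked when we go on to
             * exec, so the pending signal is delivered on return from the
             * very next system call and the inherited handler runs. */
            sigset_t none;
            sigemptyset(&none);
            sigprocmask(SIG_SETMASK, &none, NULL);
        }

        char *const argv[] = { (char *)path, NULL };
        char *const envp[] = { NULL };
        execve(path, argv, envp);
        /* Only reached if execve() failed, e.g. ENOENT for a missing helper.
         * The child's copy of handler_ran tells us whether the handler got in. */
        _exit(handler_ran ? 1 : 0);
    }

    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    const char *missing = "/nonexistent/sbin/modprobe"; /* constructed path */
    printf("all signals blocked:   handler ran = %d\n", spawn_helper(missing, 1));
    printf("signals not blocked:   handler ran = %d\n", spawn_helper(missing, 0));
    return 0;
}
```

In the real kernel the credentials have already been set to uid 0 by the time execve fails, which is why the inherited handler running there matters; in this model both cases run as the same user, so only the "did the handler run" bit is observable.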