Re: Signal security

Alan Cox (alan@lxorguk.ukuu.org.uk)
Wed, 20 May 1998 13:25:15 +0100 (BST)


> > That is harmless. passwd uses rename() as it must be atomic. The off switch
> > and sigkill are not dissimilar issues.
>
> They are: I can produce 1000 sigkills per second (probably) to exploit
> race condition without anyone noticing. Turning machine off and on
> 1000 times would take pretty long time to do. Also, you can remove
> stale locks at bootup. If I kill someone with sigkill, lock will be
> there for sure, and unless they play PID tricks, they will not notice.

It doesn't matter, you only have to do it once with the right timing. If there
are race conditions in programs fix them. The "my programs suck fix something
else" mentality leads you to things like Java.

> has to restart, anyway. Killing X server with SIGKILL is not harmless:
> you make console unusable and you force root to reboot sometimes.

So fix X.

Alan
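
Added example, not part of the original message: the write-to-temp-then-rename() pattern the reply attributes to passwd, with the writer hit by SIGKILL at an arbitrary moment. The function names, the /tmp path and the sample file contents are constructed for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* mkstemp, usleep, kill under strict -std= modes */
#endif
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Replace path with data: the new bytes only become visible via rename(). */
int atomic_replace(const char *path, const char *data) {
    char tmp[4096];
    size_t len = strlen(data), off = 0;
    snprintf(tmp, sizeof tmp, "%s.XXXXXX", path); /* same dir, same filesystem */
    int fd = mkstemp(tmp);
    if (fd < 0) return -1;
    while (off < len) {
        ssize_t n = write(fd, data + off, len - off);
        if (n <= 0) break;
        off += (size_t)n;
    }
    int ok = (off == len) && fsync(fd) == 0;  /* data on disk before it gets the name */
    if (close(fd) != 0) ok = 0;
    if (!ok || rename(tmp, path) != 0) { unlink(tmp); return -1; }
    return 0;
}

/* SIGKILL a writer at an arbitrary point; return 1 if path is intact (a or b). */
int survives_sigkill(const char *path, const char *a, const char *b, unsigned usec) {
    char buf[256] = {0};
    if (atomic_replace(path, a) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0)                       /* child: rewrite forever until killed */
        for (int i = 0;; i++) atomic_replace(path, (i & 1) ? a : b);
    usleep(usec);
    kill(pid, SIGKILL);                 /* may leave one stray path.XXXXXX temp file */
    waitpid(pid, NULL, 0);
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, buf, sizeof buf - 1);
    close(fd);
    return n >= 0 && (strcmp(buf, a) == 0 || strcmp(buf, b) == 0);
}

int main(void) {   /* constructed sample contents, not a real passwd file */
    int ok = survives_sigkill("/tmp/demo_passwd", "root:x:0:0\n", "root:x:0:0\nalan:x:1000:1000\n", 2000);
    printf("file intact after SIGKILL: %d\n", ok);
    return ok == 1 ? 0 : 1;
}
```

The only debris a kill can leave is an unreferenced temp file, which a later run or boot-time cleanup can delete without touching the live file.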
