Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability

---

• From: Dan Yefimov <dan@xxxxxxxxxxxxxxxxxxxxx>
• Date: Wed, 15 Aug 2007 00:49:49 +0400 (MSD)

---

On Tue, 14 Aug 2007, Wojciech Purczynski wrote:

I'm not sure this is a real security issue. If some process has the same
effective UID as the given one, the former can always send any signal to
the latter. Thus the behaviour you described is IMHO normal.

It becomes a security issue whenever suid process drops user's UIDs.

But if it drops privileges (changes EUID back to RUID), it can't again send any
signal to setuid process.
--

Sincerely Your, Dan.

---

• References:
  • Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
    • From: Wojciech Purczynski

• Prev by Date: Multiple vulnerabilities in Live for Speed 0.5X10
• Next by Date: FLEA-2007-0045-1 poppler
• Previous by thread: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
• Next by thread: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2007-08