Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability

To: Wojciech Purczynski <cliph@xxxxxxx>
Subject: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
From: Dan Yefimov <dan@xxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 15 Aug 2007 00:49:49 +0400 (MSD)
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <Pine.LNX.4.58.0708142212470.6030@dione>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

On Tue, 14 Aug 2007, Wojciech Purczynski wrote:

> 
> > I'm not sure this is a real security issue. If some process has the same
> > effective UID as the given one, the former can always send any signal to
> > the latter. Thus the behaviour you described is IMHO normal.
> 
> It becomes a security issue whenever suid process drops user's UIDs.
> 
But if it drops privileges (changes EUID back to RUID), it can't again send any 
signal to setuid process.
-- 

    Sincerely Your, Dan.

References:
- Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
  - From: Wojciech Purczynski

Prev by Date: Multiple vulnerabilities in Live for Speed 0.5X10
Next by Date: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
Previous by thread: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
Next by thread: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
Index(es):
- Date
- Thread