Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx, vulnwatch@xxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
From: Wojciech Purczynski <cliph@xxxxxxx>
Date: Tue, 14 Aug 2007 23:03:46 +0200 (CEST)
In-reply-to: <Pine.LNX.4.58.0708141651370.2476@dione>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <Pine.LNX.4.58.0708141651370.2476@dione>
Sender: wp@xxxxxxxxxxxx

Small correction - I forgot to add setuid(0) ;)

        PARENT          CHILD
        ----------------------------------------------------------------
        fork()
                        prctl(PR_SET_PDEATHSIG)
                        execve("/bin/setuid-binary")
                        setuid(0)
        exit()'ed or killed
                        child receives NO signal this time


        PARENT          CHILD
        ----------------------------------------------------------------
        fork()
                        prctl(PR_SET_PDEATHSIG)
                        execve("/bin/setuid-binary")
                        setuid(0)
        execve("/bin/setuid-binary")
        exit()'ed or killed
                        privileged process receives the signal

Follow-Ups:
- Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
  - From: Dan Yefimov

References:
- COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
  - From: Wojciech Purczynski

Prev by Date: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
Next by Date: Crash in Zoidcom 0.6.7
Previous by thread: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
Next by thread: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
Index(es):
- Date
- Thread