> I'm not sure this is a real security issue. If some process has the same > effective UID as the given one, the former can always send any signal to > the latter. Thus the behaviour you described is IMHO normal. It becomes a security issue whenever suid process drops user's UIDs.