PATCH: signals security

Pavel Machek (pavel@elf.ucw.cz)
Tue, 19 May 1998 23:37:20 +0200


Hi!

This should fix the situation described in the previous mail.
Pavel

--- clean/kernel/signal.c Sun May 10 21:20:49 1998
+++ linux/kernel/signal.c Tue May 19 23:27:47 1998
@@ -4,6 +4,8 @@
* Copyright (C) 1991, 1992 Linus Torvalds
*
* 1997-11-02 Modified for POSIX.1b signals by Richard Henderson
+ * 1998-05-19 Security fix: don't allow SIGKILL & friends just because
+ * you have same real uid. Pavel Machek
*/

#include <linux/module.h>
@@ -208,6 +210,16 @@
return sig;
}

+/*
+ * Dangerous signals are anything else then known 'safe' signals.
+ * This signals should be disallowed for tasks where only real uid
+ * gives you right to kill (usually suid programs).
+ */
+
+#define DANGEROUS_SIGNAL(sig) (!((sig == SIGHUP) || (sig == SIGINT) || \
+ (sig == SIGQUIT) || (sig == SIGSTOP) || \
+ (sig == SIGCONT)))
+
int
send_sig_info(int sig, struct siginfo *info, struct task_struct *t)
{
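Review bot: The DANGEROUS_SIGNAL macro body uses its argument unparenthesized (`sig == SIGHUP`), so an argument expression with lower precedence than `==` would be parsed wrongly; write each test as `((sig) == SIGHUP)`, or better make it a `static inline int dangerous_signal(int sig)` so the argument is type-checked and evaluated once. The comment above it could state the policy more precisely, e.g. `/* Signals outside this short allow-list are "dangerous": a sender whose only claim on the target is a matching real uid may not send them (the usual case is a set-uid target). */`. Two entries deserve an explicit word in that comment: SIGQUIT's default action is termination with a core dump, and the null signal (0) is not in the allow-list either, so whether each is intended cannot be decided from this hunk. The definition of send_sig_info begins at the end of this hunk and continues past it.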
@@ -233,8 +245,9 @@
ret = -EPERM;
if ((!info || ((unsigned long)info != 1 && SI_FROMUSER(info)))
&& ((sig != SIGCONT) || (current->session != t->session))
- && (current->euid ^ t->suid) && (current->euid ^ t->uid)
- && (current->uid ^ t->suid) && (current->uid ^ t->uid)
+ && (current->euid ^ t->suid) && (current->uid ^ t->suid)
+ && (((current->euid ^ t->uid) && (current->uid ^ t->uid))
+ || DANGEROUS_SIGNAL(sig))
&& !capable(CAP_SYS_ADMIN))
goto out_nolock;

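Review bot: The rewritten permission condition appears correct as far as it can be traced here, but its policy is only recoverable by expanding six XOR-as-inequality terms, so a comment above the `if` should spell it out: `/* Matching the target's saved uid grants any signal; matching only its real uid grants just the signals not covered by DANGEROUS_SIGNAL; CAP_SYS_ADMIN overrides both. */`. One consequence worth confirming is the null signal: if send_sig_info is also reached for kill(pid, 0) permission probes, a sender with only a matching real uid now gets -EPERM on a set-uid target where it previously succeeded, since 0 is not in the allow-list; that is permissible but is a visible behaviour change the changelog line should mention. Writing the uid tests with `!=` rather than `^` would make the intent obvious without changing the generated code. send_sig_info starts before this hunk and its body continues after it.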
-- 
I'm really pavel@atrey.karlin.mff.cuni.cz. 	   Pavel
Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).
