signal transmission in ssh2
Dan Astoorian
djast at cs.toronto.edu
Fri Feb 1 10:02:36 EST 2002
On Thu, 31 Jan 2002 12:18:24 EST, Markus Friedl writes:
> + if (sig >= 0 && s->pid > 0) {
> + debug("session_signal_req: killpg(%d, %d)",
> + s->pid, sig);
> + if (killpg(s->pid, sig) < 0)
> + error("session_signal_req: killpg(%d, %d): %s",
> + s->pid, sig, strerror(errno));
Is it safe for the server to be doing this? Isn't the server running as
root when this code runs?
If the process for the session exec()s a privileged program, I'm worried
that this might potentially allow a signal to be sent to a program which
the user would not otherwise be allowed to deliver a signal to.
(I think "s->pid > 0" could be changed to "s->pid > 1", for the sake of
defensiveness; s->pid should never equal 1, but if it ever did happen,
the consequences might be disastrous: on some systems, process group 1
is reserved for kernel processes.)
--
Dan Astoorian People shouldn't think that it's better to have
Sysadmin, CSLab loved and lost than never loved at all. It's
djast at cs.toronto.edu not, it's better to have loved and won. All
www.cs.toronto.edu/~djast/ the other options really suck. --Dan Redican
More information about the openssh-unix-dev
mailing list