Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability
Aug 14 2007 08:18PM
Wojciech Purczynski (cliph isec pl)
> I'm not sure this is a real security issue. If some process has the same
> effective UID as the given one, the former can always send any signal to
> the latter. Thus the behaviour you described is IMHO normal.
It becomes a security issue whenever suid process drops user's UIDs.
[ more ]
Copyright 2010, SecurityFocus