From owner-freebsd-ports Wed May 21 04:00:03 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id EAA04039 for ports-outgoing; Wed, 21 May 1997 04:00:03 -0700 (PDT) Received: (from gnats@localhost) by hub.freebsd.org (8.8.5/8.8.5) id EAA04011; Wed, 21 May 1997 04:00:02 -0700 (PDT) Resent-Date: Wed, 21 May 1997 04:00:02 -0700 (PDT) Resent-Message-Id: <199705211100.EAA04011@hub.freebsd.org> Resent-From: gnats (GNATS Management) Resent-To: freebsd-ports Resent-Reply-To: FreeBSD-gnats@FreeBSD.ORG, gjm11@dpmms.cam.ac.uk Received: from lilac.csi.cam.ac.uk (lilac.csi.cam.ac.uk [131.111.8.44]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id DAA03875 for ; Wed, 21 May 1997 03:56:25 -0700 (PDT) Received: from g.pet.cam.ac.uk [131.111.209.233] by lilac.csi.cam.ac.uk with smtp (Exim 1.62 #1) id 0wU93c-0004rZ-00; Wed, 21 May 1997 11:55:48 +0100 Received: from gjm11 by g.pet.cam.ac.uk with local (Exim 1.59 #1) id 0wU93b-0001Kt-00; Wed, 21 May 1997 11:55:47 +0100 Message-Id: Date: Wed, 21 May 1997 11:55:47 +0100 From: gjm11@dpmms.cam.ac.uk Reply-To: gjm11@dpmms.cam.ac.uk To: FreeBSD-gnats-submit@FreeBSD.ORG X-Send-Pr-Version: 3.2 Subject: ports/3649: xlock quits on receipt of signalxx 8 Sender: owner-ports@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >Number: 3649 >Category: ports >Synopsis: xlock quits on receipt of signalxx 8 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed May 21 04:00:01 PDT 1997 >Last-Modified: >Originator: Gareth McCaughan >Organization: all too little >Release: FreeBSD 2.2-RELEASE i386 >Environment: FreeBSD 2.2, X11R6.3 (XFree86 release 3.2A), xlockmore 3.13 >Description: When xlock receives a signal, it exits. This is a security hole; if you're running on dodgy hardware or there's a bug in the code, the terminal can become unlocked. >How-To-Repeat: Run xlock and arrange for it to receive a SIGSEGV or a SIGFPE or similar. >Fix: xlock should not exit on receipt of SIGILL, SIGEMT, SIGFPE, SIGBUS, SIGSEGV. It should of course still exit on receipt of e.g. SIGKILL. I'm not familiar enough with xlock's internals to provide a patch and be confident that it will work. Of course, if there are hardware problems or buggy code nothing will *guarantee* that xlock will carry on working... >Audit-Trail: >Unformatted: