Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 9 Jan 2002 16:24:59 -0500
From:      Alexander Kabaev <ak03@gte.com>
To:        Robert Watson <rwatson@FreeBSD.ORG>
Cc:        cvs-all@FreeBSD.ORG
Subject:   Re: cvs commit: src/sys/kern kern_sig.c
Message-ID:  <20020109162459.0bf4dcd9.ak03@gte.com>
In-Reply-To: <200201060054.g060sll82060@freefall.freebsd.org>
References:  <200201060054.g060sll82060@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
This commit broke SIGURG and SIGIO delivery to the processes with
P_SUGID bit set. cr_cansignal will require suser_xxx to success for any
signal which is not on the following list: SIGKILL, SIGINT, SIGTERM,
SIGSTOP, SIGTTIN, SIGTTOU, SIGTSTP, SIGHUP, SIGUSR1, SIGUSR2.

The most visible victim is rlogin, which currently fails to negotiate
window size with remote site because SIGURG signal cannot be delivered
to indicate OOB data.

> rwatson     2002/01/05 16:54:47 PST
> 
>   Modified files:
>     sys/kern             kern_sig.c 
>   Log:
>   - Teach SIGIO code to use cr_cansignal() instead of a custom
>   CANSIGIO()  macro.  As a result, mandatory signal delivery policies
>   will be  applied consistently across the kernel.
>   
>   - Note that this subtly changes the protection semantics, and we
>   should  watch out for any resulting breakage.  Previously, delivery
>   of SIGIO  in this circumstance was limited to situations where the
>   subject was  privileged, or where one of the subject's (ruid, euid)
>   matched one  of the object's (ruid, euid).  In the new scenario,
>   subject (ruid, euid)  are matched against the object's (ruid,
>   svuid), and the object uid's  must be a subset of the subject uid's.
>    Likewise, jail now affects delivery, and special handling for
>    P_SUGID of the object is present. This change can always be
>    reversed or tweaked if it proves to disrupt application behavior
>    substantially.
>   
>   Obtained from:  TrustedBSD Project
>   Sponsored by:   DARPA, NAI Labs
>   
>   Revision  Changes    Path
>   1.143     +3 -13     src/sys/kern/kern_sig.c
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe cvs-all" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020109162459.0bf4dcd9.ak03>