From owner-cvs-all  Wed Jan  9 13:25: 8 2002
Delivered-To: cvs-all@freebsd.org
Received: from h132-197-179-27.gte.com (h132-197-179-27.gte.com [132.197.179.27])
	by hub.freebsd.org (Postfix) with ESMTP
	id 8DD4D37B41D; Wed,  9 Jan 2002 13:25:00 -0800 (PST)
Received: from kanpc.gte.com (localhost [127.0.0.1])
	by h132-197-179-27.gte.com (8.11.6/8.11.4) with SMTP id g09LOxt83802;
	Wed, 9 Jan 2002 16:24:59 -0500 (EST)
	(envelope-from ak03@gte.com)
Date: Wed, 9 Jan 2002 16:24:59 -0500
From: Alexander Kabaev <ak03@gte.com>
To: Robert Watson <rwatson@FreeBSD.ORG>
Cc: cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/sys/kern kern_sig.c
Message-Id: <20020109162459.0bf4dcd9.ak03@gte.com>
In-Reply-To: <200201060054.g060sll82060@freefall.freebsd.org>
References: <200201060054.g060sll82060@freefall.freebsd.org>
Organization: Verizon
X-Mailer: Sylpheed version 0.6.6claws44 (GTK+ 1.2.10; i386--freebsd5.0)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

This commit broke SIGURG and SIGIO delivery to the processes with
P_SUGID bit set. cr_cansignal will require suser_xxx to success for any
signal which is not on the following list: SIGKILL, SIGINT, SIGTERM,
SIGSTOP, SIGTTIN, SIGTTOU, SIGTSTP, SIGHUP, SIGUSR1, SIGUSR2.

The most visible victim is rlogin, which currently fails to negotiate
window size with remote site because SIGURG signal cannot be delivered
to indicate OOB data.

> rwatson     2002/01/05 16:54:47 PST
> 
>   Modified files:
>     sys/kern             kern_sig.c 
>   Log:
>   - Teach SIGIO code to use cr_cansignal() instead of a custom
>   CANSIGIO()  macro.  As a result, mandatory signal delivery policies
>   will be  applied consistently across the kernel.
>   
>   - Note that this subtly changes the protection semantics, and we
>   should  watch out for any resulting breakage.  Previously, delivery
>   of SIGIO  in this circumstance was limited to situations where the
>   subject was  privileged, or where one of the subject's (ruid, euid)
>   matched one  of the object's (ruid, euid).  In the new scenario,
>   subject (ruid, euid)  are matched against the object's (ruid,
>   svuid), and the object uid's  must be a subset of the subject uid's.
>    Likewise, jail now affects delivery, and special handling for
>    P_SUGID of the object is present. This change can always be
>    reversed or tweaked if it proves to disrupt application behavior
>    substantially.
>   
>   Obtained from:  TrustedBSD Project
>   Sponsored by:   DARPA, NAI Labs
>   
>   Revision  Changes    Path
>   1.143     +3 -13     src/sys/kern/kern_sig.c
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe cvs-all" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message