Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 7 Dec 2000 11:58:35 +0100
From:      J Wunsch <j@ida.interface-business.de>
To:        freebsd-security@freebsd.org
Subject:   Please review a change to lock(1)
Message-ID:  <20001207115835.V4709@B7173150.DeutschePost.de>
next in thread | raw e-mail | index | archive | help 

Hi,

i think everybody's happy when seeing those dead processes running
around forever, eating up all CPU time -- since they are too stupid to
notice the tty they're trying to read from is gone.  lock(1) is one of
those culprits, as i just noticed.  You can easily prove this by
logging into a plain tty, starting "lock -np", and killing the shell
e. g. with SIGABRT (or SIGKILL to be sure).  The shell is gone, but
lock is still there, trying to lock nothing now...

I see the intention that lock should never exit except after having
seen the correct password, but a process eating up all CPU is not all
that good either...  Please review the following, and make a better
suggestion if you think i didn't honor all security-related issues
here.  Btw., after the tty is gone, fread() returns NULL but ferror()
doesn't return 1 (!), and isatty(fileno(stdin)) also still yields 1.
So the only way i found was to justify based on errno.

Maybe the event should be syslogged?

Index: lock.c
===================================================================
RCS file: /home/ncvs/src/usr.bin/lock/lock.c,v
retrieving revision 1.8
diff -u -r1.8 lock.c
--- lock.c	1999/10/12 13:53:30	1.8
+++ lock.c	2000/12/07 10:49:28
@@ -61,6 +61,7 @@
 #include <sys/time.h>
 #include <sys/signal.h>
 #include <err.h>
+#include <errno.h>
 #include <ctype.h>
 #include <pwd.h>
 #include <sgtty.h>
@@ -189,7 +190,11 @@
 
 	for (;;) {
 		(void)printf("Key: ");
+		errno = 0;
 		if (!fgets(s, sizeof(s), stdin)) {
+			if (errno == EIO)
+				/* Our terminal is gone; good-bye. */
+				exit(1);
 			clearerr(stdin);
 			hi();
 			continue;

-- 
Joerg Wunsch             NIC hdl: JW11-RIPE             On the air: DL8DTL
See http://www.interface-business.de/~j/ for more information.

Some addresses in the headers might be wrong (sorry - I'm not the admin here).


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001207115835.V4709>