From owner-svn-src-all@FreeBSD.ORG Mon Oct 29 04:51:52 2012 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 48D73EAE; Mon, 29 Oct 2012 04:51:52 +0000 (UTC) (envelope-from eadler@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 2EB098FC14; Mon, 29 Oct 2012 04:51:52 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q9T4pqST080132; Mon, 29 Oct 2012 04:51:52 GMT (envelope-from eadler@svn.freebsd.org) Received: (from eadler@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q9T4ppgT080129; Mon, 29 Oct 2012 04:51:51 GMT (envelope-from eadler@svn.freebsd.org) Message-Id: <201210290451.q9T4ppgT080129@svn.freebsd.org> From: Eitan Adler Date: Mon, 29 Oct 2012 04:51:51 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org Subject: svn commit: r242299 - in stable/7/lib/libc: compat-43 sys X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Oct 2012 04:51:52 -0000 Author: eadler Date: Mon Oct 29 04:51:51 2012 New Revision: 242299 URL: http://svn.freebsd.org/changeset/base/242299 Log: MFC r241855: Update the kill(2) and killpg(2) man pages to the modern permission checks. Also indicate killpg(2) is POSIX compliant. Approved by: cperciva (implicit) Modified: stable/7/lib/libc/compat-43/killpg.2 stable/7/lib/libc/sys/kill.2 Directory Properties: stable/7/lib/libc/ (props changed) Modified: stable/7/lib/libc/compat-43/killpg.2 ============================================================================== --- stable/7/lib/libc/compat-43/killpg.2 Mon Oct 29 04:51:51 2012 (r242298) +++ stable/7/lib/libc/compat-43/killpg.2 Mon Oct 29 04:51:51 2012 (r242299) @@ -58,11 +58,9 @@ is 0, .Fn killpg sends the signal to the sending process's process group. .Pp -The sending process and members of the process group must -have the same effective user ID, or -the sender must be the super-user. -As a single special case the continue signal SIGCONT may be sent -to any process with the same session ID as the caller. +The sending process must be able to +.Fn kill +at least one process in the receiving process group. .Sh RETURN VALUES .Rv -std killpg .Sh ERRORS @@ -83,9 +81,8 @@ No process can be found in the process g The process group was given as 0 but the sending process does not have a process group. .It Bq Er EPERM -The sending process is not the super-user and one or more -of the target processes has an effective user ID different from that -of the sending process. +.Fn kill +returns EPERM for all processes in the process group. .El .Sh SEE ALSO .Xr getpgrp 2 , Modified: stable/7/lib/libc/sys/kill.2 ============================================================================== --- stable/7/lib/libc/sys/kill.2 Mon Oct 29 04:51:51 2012 (r242298) +++ stable/7/lib/libc/sys/kill.2 Mon Oct 29 04:51:51 2012 (r242299) @@ -64,11 +64,19 @@ This can be used to check the validity o For a process to have permission to send a signal to a process designated by .Fa pid , -the real or effective user ID of the receiving process must match -that of the sending process or the user must have appropriate privileges -(such as given by a set-user-ID program or the user is the super-user). +the user must be the super-user, or +the real or saved user ID of the receiving process must match +the real or effective user ID of the sending process. A single exception is the signal SIGCONT, which may always be sent -to any process with the same session ID as the caller. +to any process with the same session ID as the sender. +In addition, if the +.Va security.bsd.conservative_signals +.Xr sysctl +is set to 1, the user is not a super-user, and +the receiver is set-uid, then +only job control and terminal control signals may +be sent (in particular, only SIGKILL, SIGINT, SIGTERM, SIGALRM, +SIGSTOP, SIGTTIN, SIGTTOU, SIGTSTP, SIGHUP, SIGUSR1, SIGUSR2). .Bl -tag -width Ds .It \&If Fa pid No \&is greater than zero : The @@ -127,10 +135,9 @@ No process can be found corresponding to The process id was given as 0 but the sending process does not have a process group. .It Bq Er EPERM -The sending process is not the super-user and its effective -user id does not match the effective user-id of the receiving process. -When signaling a process group, this error is returned if any members -of the group could not be signaled. +The sending process does not have permission to send +.Va sig +to the receiving process. .El .Sh SEE ALSO .Xr getpgrp 2 ,