Bugtraq mailing list archives

Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability

From: Wojciech Purczynski <cliph () isec pl>
Date: Tue, 14 Aug 2007 23:03:46 +0200 (CEST)


Small correction - I forgot to add setuid(0) ;)

        PARENT          CHILD
        ----------------------------------------------------------------
        fork()
                        prctl(PR_SET_PDEATHSIG)
                        execve("/bin/setuid-binary")
                        setuid(0)
        exit()'ed or killed
                        child receives NO signal this time


        PARENT          CHILD
        ----------------------------------------------------------------
        fork()
                        prctl(PR_SET_PDEATHSIG)
                        execve("/bin/setuid-binary")
                        setuid(0)
        execve("/bin/setuid-binary")
        exit()'ed or killed
                        privileged process receives the signal

Current thread:

Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability, (continued)
- - - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (Aug 16)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Aug 16)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (Aug 16)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Aug 17)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (Aug 17)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Aug 17)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Glynn Clements (Aug 20)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Aug 20)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Nicolas Rachinsky (Aug 17)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Aug 17)
- Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Aug 14)
  - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Aug 15)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Aug 15)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Aug 15)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Aug 15)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Aug 15)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Aug 16)
    - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Dan Yefimov (Aug 16)
- Re: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability x82_ (Aug 15)
  - Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability Wojciech Purczynski (Aug 15)
- Re: Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability x82_ (Aug 17)