[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: propsal: all daemons should chdir / on startup

Topi Miettinen <Topi.Miettinen@ml.tele.fi> writes:

> Doesn't being in a prosess group also affect signals?

Yes, you can send signals to an entire process group.

> What if attacker
> forks until it gets pid==sid_of_target_which_forgot_setsid and calls
> setsid() and kill(pid_of_target)? I tried reading kernel sources, but got
> lost.

That will never happen for the same reason that you can't have two
processes with the same pid.

> open("/dev/null", O_RDWR); 
> open("/dev/null", O_RDWR);
> open("/dev/null", O_RDWR);
> 
> for fake std{in,out,err}

Presumably the daemon isn't using stdin, stdout, and stderr, so you
don't need to do this.  And you're not guaranteed to get the lowest
fd, even though you probably will.  You should use dup/dup2 to get
specific fds.


Guy
Reply to: