Re: COSEINC Linux Advisory #1: Linux Kernel Parent Process Death Signal Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Small correction - I forgot to add setuid(0) ;)

 	PARENT		CHILD
 	----------------------------------------------------------------
 	fork()
 			prctl(PR_SET_PDEATHSIG)
 			execve("/bin/setuid-binary")
			setuid(0)
 	exit()'ed or killed
 			child receives NO signal this time


 	PARENT		CHILD
 	----------------------------------------------------------------
 	fork()
 			prctl(PR_SET_PDEATHSIG)
 			execve("/bin/setuid-binary")
			setuid(0)
 	execve("/bin/setuid-binary")
 	exit()'ed or killed
 			privileged process receives the signal
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux