On Tue, Jun 6, 2017 at 12:03 PM, Eric W. Biederman
<ebiederm@xxxxxxxxxxxx> wrote:
>
> As this is more permisssive there is no chance anything will break.
Actually, I do worry about the security issues here.
The thing is, the parent may be some system daemon that wants to catch
SIGCHLD, but we've used prctl and changed pdeath_signal to something
else (like SIGSEGV or something).
Do we really want to be able to kill a system daemon that we couldn't
use kill() on directly, just because that system daemon spawned us?
So I think those permission checks may actually be a good idea.
Although possibly they should be in prctl()..
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
