This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PING] [PATCH] pt_chown: Clear any signal mask inherited from the parent process.
- From: Geoffrey Thomas <geofft at ldpreload dot com>
- To: libc-alpha at sourceware dot org
- Date: Mon, 25 May 2015 09:52:38 -0400 (EDT)
- Subject: [PING] [PATCH] pt_chown: Clear any signal mask inherited from the parent process.
- Authentication-results: sourceware.org; auth=none
- References: <alpine dot DEB dot 2 dot 10 dot 1505171554020 dot 13977 at cactuar dot ldpreload dot com>
If grantpt() is called from a thread that is masking signals (for
instance, from a program using signalfd or using a dedicated
signal-handling thread), then that mask will get inherited to pt_chown.
This means that signals like SIGINT will not interrup pt_chown, so if it
hangs (e.g., because getgrnam("tty") hangs on a remote name service),
Ctrl-C will terminate the parent process but leave pt_chown around. Since
it's setuid, it's hard to kill any other way.
It is safe for pt_chown to unmask all signals, because grantpt() can be
(and usually is) called from an unprivileged process with all signals
unmasked.
---
login/programs/pt_chown.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/login/programs/pt_chown.c b/login/programs/pt_chown.c
index e8d4716..ec78538 100644
--- a/login/programs/pt_chown.c
+++ b/login/programs/pt_chown.c
@@ -23,6 +23,7 @@
#include <grp.h>
#include <libintl.h>
#include <locale.h>
+#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -148,6 +149,11 @@ main (int argc, char *argv[])
uid_t euid = geteuid ();
uid_t uid = getuid ();
int remaining;
+ sigset_t signalset;
+
+ /* Clear any signal mask from the parent process. */
+ sigemptyset (&signalset);
+ sigprocmask (SIG_SETMASK, &signalset, NULL);
if (argc == 1 && euid == 0)
{
--
1.9.1