Re: PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio)

[Solar Designer]

On Tue, Sep 27, 2005 at 01:42:44PM -0700, Linus Torvalds wrote:
> Note that for at least signal sending, the security aspect is _not_ about 
> whether the pid has been re-used, but about whether the _user_ matches.

That's true.  And, changing topic to userspace apps, killall(1)
currently has no race-free way to check whether the user still matches.

There's also the reliability aspect: killing one's own process, but
other than the intended one, is a reliability issue.

What I have proposed is a way to deal with both of these.

killall is just an example.  A GUI point-and-click task manager would
have the same problem and the same solution would work for it.

-- 
Alexander
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/