On Tue, Sep 27, 2005 at 01:42:44PM -0700, Linus Torvalds wrote: > Note that for at least signal sending, the security aspect is _not_ about > whether the pid has been re-used, but about whether the _user_ matches. That's true. And, changing topic to userspace apps, killall(1) currently has no race-free way to check whether the user still matches. There's also the reliability aspect: killing one's own process, but other than the intended one, is a reliability issue. What I have proposed is a way to deal with both of these. killall is just an example. A GUI point-and-click task manager would have the same problem and the same solution would work for it. -- Alexander - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
- References:
- [BUG/PATCH/RFC] Oops while completing async USB via usbdevio
- From: Harald Welte <[email protected]>
- Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio
- From: Linus Torvalds <[email protected]>
- Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio
- From: Sergey Vlasov <[email protected]>
- Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio
- From: Linus Torvalds <[email protected]>
- Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio
- From: Sergey Vlasov <[email protected]>
- PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio)
- From: Solar Designer <[email protected]>
- Re: PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio)
- From: Alan Cox <[email protected]>
- Re: PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio)
- From: Linus Torvalds <[email protected]>
- [BUG/PATCH/RFC] Oops while completing async USB via usbdevio
- Prev by Date: error audio card
- Next by Date: Re: 2.6.14-rc2-mm1
- Previous by thread: Re: PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio)
- Next by thread: Re: PID reuse safety for userspace apps (Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio)
- Index(es):