[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[screen-devel] [bug #55511] Prevent Panic causing Panic, and children re
[screen-devel] [bug #55511] Prevent Panic causing Panic, and children removing sockets
Fri, 18 Jan 2019 13:41:53 -0500 (EST)
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:64.0) Gecko/20100101 Firefox/64.0
Summary: Prevent Panic causing Panic, and children removing
Project: GNU Screen
Submitted by: sshambar
Submitted on: Fri 18 Jan 2019 06:41:51 PM UTC
Category: Program Logic
Severity: 3 - Normal
Priority: 5 - Normal
Assigned to: None
Discussion Lock: Any
Fixed Release: None
Planned Release: None
Work Required: None
While tracking down another screen bug, I noticed that I wasn't getting Panic
messages from child processes, and my screen socket kept disappearing.
This is all related to suid root screen (tested on OSX, but probably applies
to other suid ports).
The problem is that in several places forked child processes call setuid, but
don't set eff_uid to the new uid. Any child Panic will call SendErrorMsg,
which will create a child socket, which calls xseteuid(eff_uid=0) after the
socket is created -- and that leads to another Panic.
This prevented the error from being sent.
In addition, since ServerSocket is still valid, when the child Panic calls
eexit(), it removes the socket file.
I've created a patch that fixes both of these bugs (and fixes a leaked file
descriptor or fork fails, which probably doesn't happen often :)
Patch is attached.
Date: Fri 18 Jan 2019 06:41:51 PM UTC Name:
Prevent-Panic-causing-Panic-and-children-removing-sockets.diff Size: 4KiB
Reply to this item at:
Message sent via Savannah
|[Prev in Thread]
||[Next in Thread]|
- [screen-devel] [bug #55511] Prevent Panic causing Panic, and children removing sockets,
Scott Shambarger <=