[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: killing setuid programs
From: |
Samuel Thibault |
Subject: |
Re: killing setuid programs |
Date: |
Tue, 29 Aug 2006 02:39:40 +0200 |
User-agent: |
Mutt/1.5.12-2006-07-14 |
Roland McGrath, le Mon 28 Aug 2006 17:34:24 -0700, a écrit :
> It sounds like you are describing the intended behavior.
> You can't send a signal to a setuid program with kill.
For a process to have permission to send a signal to a process designated
by pid, unless the sending process has appropriate privileges, the real or
effective user ID of the sending process shall match the real or saved
set-user-ID of the receiving process.
And setuid programs keep the real user ID set to Joe user's, so that Joe
user can kill the program he launches.
Samuel