newgrp/useradd: always set SIGCHLD to default

The tools newgrp and useradd expect waitpid to behave as described in its manual page. But the notes indicate that if SIGCHLD is ignored, waitpid behaves differently. A user could set SIGCHLD to ignore before starting newgrp through exec. Children of newgrp would not become zombies and their PIDs could be reassigned before newgrp could call kill with the child pid and SIGCONT. The useradd tool is not installed setuid, but I have added the default there as well (copied from vipw). Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
2023-04-26 11:59:51 +00:00 · 2023-04-26 11:59:51 +00:00 · 7b686d8bd6
parent 7ed1df2e80
commit 7b686d8bd6
2 changed files with 7 additions and 0 deletions
--- a/src/newgrp.c
+++ b/src/newgrp.c
@ -288,6 +288,9 @@ static void syslog_sg (const char *name, const char *group)
 		(void) signal (SIGTSTP, SIG_IGN);
 		(void) signal (SIGTTIN, SIG_IGN);
 		(void) signal (SIGTTOU, SIG_IGN);
+		/* set SIGCHLD to default for waitpid */
+		(void) signal(SIGCHLD, SIG_DFL);
+
 		child = fork ();
 		if ((pid_t)-1 == child) {
 			/* error in fork() */
--- a/src/useradd.c
+++ b/src/useradd.c
@ -20,6 +20,7 @@
 #include <lastlog.h>
 #include <libgen.h>
 #include <pwd.h>
+#include <signal.h>
 #ifdef ACCT_TOOLS_SETUID
 #ifdef USE_PAM
 #include "pam_defs.h"
@ -2156,6 +2157,9 @@ static void tallylog_reset (const char *user_name)
 	if (access(pam_tally2, X_OK) == -1)
 		return;

+	/* set SIGCHLD to default for waitpid */
+	signal(SIGCHLD, SIG_DFL);
+
 	failed = 0;
 	switch (childpid = fork())
 	{