emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity
624d57c08c
shadow/src
History
Tobias Stoeckmann 624d57c08c Improve child error handling 
Always set SIGCHLD handler to default, even if the caller of vipw has
set SIGCHLD to ignore. If SIGCHLD is ignored no zombie processes would
be created, which in turn could mean that kill is called with an already
recycled pid.

Proof of Concept:

1. Compile nochld:
 --
 #include <signal.h>
 #include <unistd.h>
 int main(void) {
 char *argv[] = { "vipw", NULL };
 signal(SIGCHLD, SIG_IGN);
 execvp("vipw", argv);
 return 1;
 }
 --
2. Run nochld
3. Suspend child vi, which suspends vipw too:
`kill -STOP childpid`
4. Kill vi:
`kill -9 childpid`
5. You can see with ps that childpid is no zombie but disappeared
6. Bring vipw back into foreground
`fg`

The kill call sends SIGCONT to "childpid" which in turn could have been
already recycled for another process.

This is definitely not a vulnerability. It would take super user
operations, at which point an attacker would have already elevated
permissions.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2021-11-14 12:01:32 +01:00
..
.gitignore git: ignore generated check_subid_range 2021-09-13 16:17:49 +01:00
.indent.pro [svn-upgrade] Integrating new upstream version, shadow (4.0.8) 2007-10-07 11:46:07 +00:00
chage.c fix spelling and unify whitespace 2021-08-18 18:06:02 +00:00
check_subid_range.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
chfn.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
chgpasswd.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
chpasswd.c fix spelling and unify whitespace 2021-08-18 18:06:02 +00:00
chsh.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
expiry.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
faillog.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
free_subid_range.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
get_subid_owners.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
gpasswd.c Only free sgent if it was initialized 2021-09-20 11:04:50 +02:00
groupadd.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
groupdel.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
groupmems.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
groupmod.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
groups.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
grpck.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
grpconv.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
grpunconv.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
id.c * src/newgrp.c: Limit the scope of variable pid. 2010-03-23 11:26:34 +00:00
lastlog.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
list_subid_ranges.c nss/libsubid: simplify the ranges variable for list_owner_ranges 2021-05-22 17:59:57 -05:00
login_nopam.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
login.c fix spelling and unify whitespace 2021-08-18 18:06:02 +00:00
logoutd.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
Makefile.am Makefile: include libeconf dependency in new*idmap 2021-08-02 15:54:20 +02:00
new_subid_range.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
newgidmap.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
newgrp.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
newuidmap.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
newusers.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
nologin.c Adding logging of SSH_ORIGINAL_COMMAND to nologin. 2020-01-11 14:46:52 -06:00
passwd.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
pwck.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
pwconv.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
pwunconv.c libsubid: don't print error messages on stderr by default 2021-05-15 12:38:55 -05:00
su.c su: Fix never alarmed SIGKILL when session terminates 2021-10-25 13:39:41 +08:00
suauth.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
sulogin.c treewide: remove trailing whitespaces 2021-09-13 17:23:17 +01:00
useradd.c useradd: create directories after the SELinux user 2021-10-25 09:55:27 +02:00
userdel.c fix spelling and unify whitespace 2021-08-18 18:06:02 +00:00
usermod.c fix spelling and unify whitespace 2021-08-18 18:06:02 +00:00
vipw.c Improve child error handling 2021-11-14 12:01:32 +01:00