Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20250117063709.GJ10433@brightrain.aerifal.cx>
Date: Fri, 17 Jan 2025 01:37:09 -0500
From: Rich Felker <dalias@...c.org>
To: Askar Safin <safinaskar@...omail.com>
Cc: musl <musl@...ts.openwall.com>
Subject: Re: [bug] Ctrl-Z when process is doing posix_spawn makes the
 process hard to kill

On Fri, Jan 17, 2025 at 03:14:03AM +0400, Askar Safin wrote:
> I found a bug both in glibc and musl.
> 
> If a process does posix_spawn+waitpid, then attempting to pause it using Ctrl-Z
> sometimes doesn't work and, worse, makes the process unkillable by usual Ctrl-Z or Ctrl-C.
> 
> The bug is described in full in this glibc issue: https://sourceware.org/bugzilla/show_bug.cgi?id=32565 .
> 
> It is reproducible with musl on the same system I used to reproduce it with glibc (see the link).
> 
> I compiled the code using "x86_64-linux-musl-gcc" wrapper provided by Debian.
> 
> Please, CC me when replying.

OK, I think this should be fixable by, if SIGTSTP is to be SIG_DFL in
the spawned child, setting it to a no-op handler instead of SIG_DFL.
It might actually make sense to just do this for all signals.

Note that SIGSTOP, which is not blockable interceptible or ignorable,
can't be handled this way, but the pid has not yet leaked to anything
at this point, so the only way SIGSTOP can be generated is by a badly
behaved program signaling random pids, which is not a case that needs
to be handled gracefully.

In theory SIGTTIN and SIGTTOU might be hazards too, but I don't think
it's possible for a process to generate them without attempting to
perform io, which the pre-exec child doesn't do. Still handling them
might be a good safety measure in case I'm wrong.

I'll prepare one or more versions of a proposed patch.

Rich
 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.