Nmap Development mailing list archives
Re: [Patch] Runtime interaction bug with sudo
From: Patrick Donnelly <batrick () batbytes com>
Date: Wed, 14 May 2014 10:26:57 -0400
Hi Jay,

On Tue, May 6, 2014 at 9:37 AM, Jay Bosamiya <jaybosamiya () gmail com> wrote:

> Looking at [1] and the discussion before and after it, it seems like Patrick Donnelly and David Fifield have already looked into signals and the possibility of installing a signal handler. And according to [2], David says that it'd be better not to do anything complicated in a signal handler because of subtle security risks. However, I feel that a simple exit() in a signal handler for SIGINT would be a very simple way to work things out correctly and not add security risks. Correct me if I am wrong.

exit is not an "async-signal-safe" function as defined by [1]. The main reason for this is because it calls fflush on all open files. Calling tty_done directly from the signal handler would be okay though. [Although, technically, changing tty_fd in tty_done is not technically correct in a signal handler since its type is not sig_atomic_t.] Then you could call _exit [2] (which is async-signal-safe).

Any solution to this should preserve the abnormal termination of Nmap. That is, the default signal handler should be restored and the signal raised again. The main reason for this is to preserve the generation of core dumps. You can look at an example solution I wrote for another program here [3].

[1] http://pubs.opengroup.org/onlinepubs/009695399/functions/xsh_chap02_04.html
[2] http://pubs.opengroup.org/onlinepubs/009695399/functions/_exit.html
[3] https://github.com/cooperative-computing-lab/cctools/blob/master/chirp/src/chirp_server.c#L1893

--
Patrick Donnelly
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
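The pattern described in the message above, as an added example that is not code from the thread, from Nmap, or from the linked cctools file: a handler that restores the terminal using only async-signal-safe calls, resets the default action and re-raises the signal so the process still terminates abnormally. The names `saved_tio`, `install_handler` and `run_demo` are hypothetical, and the pipe exists only so the demo can observe that the cleanup step ran.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <sys/wait.h>
#include <termios.h>
#include <unistd.h>

/* Hypothetical stand-ins for the program's saved terminal state. */
static struct termios saved_tio;
static volatile sig_atomic_t tty_saved = 0;
static int notify_fd = -1; /* demo only: set before the handler is installed */

static void on_fatal_signal(int sig)
{
    /* Async-signal-safe calls only: tcsetattr, write, signal, raise. */
    if (tty_saved)
        tcsetattr(STDIN_FILENO, TCSANOW, &saved_tio);
    if (notify_fd >= 0 && write(notify_fd, "R", 1) < 0) { /* ignore */ }
    signal(sig, SIG_DFL); /* restore the default action */
    raise(sig);           /* stays pending until the handler returns */
}

void install_handler(int sig)
{
    struct sigaction sa = { .sa_handler = on_fatal_signal };
    if (tcgetattr(STDIN_FILENO, &saved_tio) == 0)
        tty_saved = 1; /* stdin is a terminal: remember its settings */
    sigemptyset(&sa.sa_mask);
    sigaction(sig, &sa, NULL);
}

/* Child runs the handler; returns its terminating signal, sets *cleaned. */
int run_demo(int sig, int *cleaned)
{
    int p[2], status = 0;
    char c = 0;
    pid_t pid;
    if (pipe(p) != 0 || (pid = fork()) < 0)
        return -1;
    if (pid == 0) {
        close(p[0]);
        notify_fd = p[1];
        install_handler(sig);
        raise(sig);
        _exit(0); /* not reached: the re-raised signal kills the child */
    }
    close(p[1]);
    *cleaned = (read(p[0], &c, 1) == 1 && c == 'R');
    close(p[0]);
    return (waitpid(pid, &status, 0) == pid && WIFSIGNALED(status)) ? WTERMSIG(status) : -1;
}
```

Because the child dies from the signal itself rather than from `_exit`, the parent sees `WIFSIGNALED`, and a signal whose default action dumps core (such as SIGQUIT or SIGSEGV) would still do so.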