-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 09:24 PM 1/3/00 +0100, you wrote:
[snip]
>When
>the application reaches the critical section of code between the
>lstat and the open, you stop it by sending it a SIGSTOP. You record
>the device and inode number of your /tmp file, remove it, and wait.
>
>Seconds, days or maybe even weeks later, somebody creates an interesting
>file with exactly the same inode (and device) number as the one you
>used with my setuid program. You now create a symlink in /tmp, pointing
>to that interesting file, and send my setuid application a SIGCONT.
>Zap, there goes the file.
[snip]
>Comments? Suggestions?
Maybe I'm just naive, but it's my understanding that you cannot send signals
to a process you don't own unless you are root.
On my Linux 2.2.13 system, I just tried sending SIGSTOP to a root-owned
and nobody-owned process, and each time was told I was not the process owner.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.2
iQA/AwUBOHEkBOux2pTVimV9EQKVSACdHQzIwkp1NSFzUzlJjvFqZEgXy3oAoN6h
Hgqn5NkiHaExOJuGwhJVGOy7
=4Ywc
-----END PGP SIGNATURE-----
