tty: Prevent untrappable signals from malicious program
authorPeter Hurley <peter@hurleysoftware.com>
Mon, 19 Jan 2015 18:05:03 +0000 (13:05 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 2 Feb 2015 18:09:54 +0000 (10:09 -0800)
commit37480a05685ed5b8e1b9bf5e5c53b5810258b149
tree9a754bf217c5609849d1a8a43bc28b52471b1bf6
parent19e3ae6b4f07a87822c1c9e7ed99d31860e701af
tty: Prevent untrappable signals from malicious program

Commit 26df6d13406d1a5 ("tty: Add EXTPROC support for LINEMODE")
allows a process which has opened a pty master to send _any_ signal
to the process group of the pty slave. Although potentially
exploitable by a malicious program running a setuid program on
a pty slave, it's unknown if this exploit currently exists.

Limit to signals actually used.

Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Howard Chu <hyc@symas.com>
Cc: One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>
Cc: Jiri Slaby <jslaby@suse.cz>
Cc: <stable@vger.kernel.org> # 2.6.36+
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers/tty/pty.c