Security modules and sending signals within the same process

Florian Weimer fweimer at redhat.com
Fri Nov 30 15:14:27 UTC 2018


Is it guaranteed that tasks in the same thread group can always send
signals to each other, irrespective of their respective credentials
structs?

It's not clear to me whether this is always possible based on the
security_task_kill implementations I've examined.

I want to support per-thread setresuid/setresgid, but we also use
signals for inter-thread communication.  This is mainly for thread
cancellation; the setxgid stuff isn't needed for threads with private
credentials.  I wonder if I need to disable cancellation for threads
with such credentials.

Thanks,
Florian



More information about the Linux-security-module-archive mailing list