09-08-2008
How to block or ignore signals from certain processes?
We know that a process can block certain signals by call sigprocmask(), but sometimes we may want to block signals from certain processes for safety concerning.
For example, a system may have a process management daemon, and it will response to certain signals from certain processes managed by it. A process in this system may have certain request by sending certain signals to the process manager, in this case, if the process manager just response according to the received signal value without checking the signal sender, then other hacker processes may disguise to attack the system. Therefore, it is critical to block signals from other processes that the process manager does not recognize.
Of course, we can check the pid of signal senders in the signal handler, but it may seem awkard if there are dozens of processes monitored by the process manager.
Is there any neat method to block or ignore signals from certain processes ?
Thank you in advance !
10 More Discussions You Might Find Interesting
1. Programming
does the way of handling, interrupting signals in HP-UX same as that of solaris. If there is difference than what it is.?:confused: (1 Reply)
Discussion started by: kapilv
1 Replies
2. UNIX for Advanced & Expert Users
Is there a way to monitor certain processes and if they hang too long to kill them, but certain scripts which are expected to take a long time to let them go?
Thank you
Richard (4 Replies)
Discussion started by: ukndoit
4 Replies
3. Solaris
Hi
Is there an easy way to identify and group currently running processes into OS processes and APP processes. Not all applications are installed as packages.
Any free tools or scripts to do this?
Many thanks. (2 Replies)
Discussion started by: wilsonee
2 Replies
4. UNIX for Dummies Questions & Answers
(posted this in the scripting forum as well, but figured it should go here) So, what's going on is this:
For our program, we had to create our own shell, and if the user pressed ctrl-c just at the cmdline, then this signal would be ignored, but if there is a foreground process running, let's... (0 Replies)
Discussion started by: blind melon
0 Replies
5. Programming
How can use signals in a C program If i want a child program to signal it's parent program that it(child) program has completed the task that it was assigned.:confused: (2 Replies)
Discussion started by: kapilv
2 Replies
6. UNIX for Advanced & Expert Users
Hi,
I have a program which invokes child processes and communicates with the processes. When I run the program under gdb and say interrupt, all the child processes are dying. Here I am not interested in debugging the child processes. But I don't want my child processes to be killed as my parent... (2 Replies)
Discussion started by: klnarayana
2 Replies
7. Programming
Hello,
I have two programs: server.c and client.c
I need to send signal from client to server. As far as I know I need to use kill() function. To use kill() function I have to know the pid the second process. How can I send pid from process to process(both are written in separate files).
... (3 Replies)
Discussion started by: fasolens
3 Replies
8. Shell Programming and Scripting
I had issues with processes locking up. This script checks for processes and kills them if they are older than a certain time.
Its uses some functions you'll need to define or remove, like slog() which I use for logging, and is_running() which checks if this script is already running so you can... (0 Replies)
Discussion started by: sukerman
0 Replies
9. UNIX for Dummies Questions & Answers
I know how to add signal to a set. But what if I want to add 2 or 3 signals to the set.
I know I can use sigaddset (&set,SIGBUS)....but what if I want to add SIGBUS and SIGALRM at once. Do i have to do it like this..
sigaddset (&set,SIGBUS);
sigaddset (&set,SIGALRM);
Is there another way to... (0 Replies)
Discussion started by: joker40
0 Replies
10. UNIX for Advanced & Expert Users
Hi All,
The problem statement is as below:
Problem: A process (exe) is getting executed in background. The output of this process is getting logged in a file. After successfully running for some time the process gets terminated. In the log file following is present:
^M[7m Interrupt ^M[27m... (8 Replies)
Discussion started by: Praty.27
8 Replies
KILL(2) BSD System Calls Manual KILL(2)
NAME
kill -- send signal to a process
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <sys/types.h>
#include <signal.h>
int
kill(pid_t pid, int sig);
DESCRIPTION
The kill() system call sends the signal given by sig to pid, a process or a group of processes. The sig argument may be one of the signals
specified in sigaction(2) or it may be 0, in which case error checking is performed but no signal is actually sent. This can be used to
check the validity of pid.
For a process to have permission to send a signal to a process designated by pid, the user must be the super-user, or the real or saved user
ID of the receiving process must match the real or effective user ID of the sending process. A single exception is the signal SIGCONT, which
may always be sent to any process with the same session ID as the sender. In addition, if the security.bsd.conservative_signals sysctl is
set to 1, the user is not a super-user, and the receiver is set-uid, then only job control and terminal control signals may be sent (in par-
ticular, only SIGKILL, SIGINT, SIGTERM, SIGALRM, SIGSTOP, SIGTTIN, SIGTTOU, SIGTSTP, SIGHUP, SIGUSR1, SIGUSR2).
If pid is greater than zero:
The sig signal is sent to the process whose ID is equal to pid.
If pid is zero:
The sig signal is sent to all processes whose group ID is equal to the process group ID of the sender, and for which the process has
permission; this is a variant of killpg(2).
If pid is -1:
If the user has super-user privileges, the signal is sent to all processes excluding system processes (with P_SYSTEM flag set),
process with ID 1 (usually init(8)), and the process sending the signal. If the user is not the super user, the signal is sent to
all processes with the same uid as the user excluding the process sending the signal. No error is returned if any process could be
signaled.
For compatibility with System V, if the process number is negative but not -1, the signal is sent to all processes whose process group ID is
equal to the absolute value of the process number. This is a variant of killpg(2).
RETURN VALUES
The kill() function returns the value 0 if successful; otherwise the value -1 is returned and the global variable errno is set to indicate
the error.
ERRORS
The kill() system call will fail and no signal will be sent if:
[EINVAL] The sig argument is not a valid signal number.
[ESRCH] No process or process group can be found corresponding to that specified by pid.
[EPERM] The sending process does not have permission to send sig to the receiving process.
SEE ALSO
getpgrp(2), getpid(2), killpg(2), sigaction(2), sigqueue(2), raise(3), init(8)
STANDARDS
The kill() system call is expected to conform to ISO/IEC 9945-1:1990 (``POSIX.1'').
HISTORY
The kill() function appeared in Version 7 AT&T UNIX.
BSD
March 15, 2012 BSD