Quote: Originally Posted by DendyGamer
Is there any secure way to kill all processes with a specified UID?
Traditional way like
setuid(WANTED_UID);
kill(-1,SIGKILL);
is not secure, because this program will receive signals between calling setuid and calling kill (so, any program with WANTED_UID can kill this "killer-program", because we cannot catch SIGKILL from the process we try to kill).
You haven't provided any information regarding the ruid, euid, and suid of killer-program nor of its victims. However, it's possible that the only reason that killer-program is vulnerable is because of the setuid() call you're using.
A process p cannot send a signal to a process q unless p's real uid or effective uid matches either q's real uid or saved set uid.
Assuming that killer-program is privileged and starts with ruid==euid==suid==0, setuid(WANTED_GUID) will set them all to WANTED_GUID.
Assuming that the victims are running with ruid==euid==suid==WANTED_GUID, the victims can now kill killer-program because killer-program's ruid and/or suid matches victims' ruid and/or euid.
However, if instead you only modified killer-program's credentials so that ruid==suid==0 and euid==WANTED_GUID, the victims could not kill killer-program, since the victims' ruid and/or euid does not match killer-program's ruid and/or suid.
In short, if the assumptions are correct, all you need is to use seteuid instead of setuid.
If the uid assumptions are incorrect, then please be more specific.
Regards,
Alister
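The uid-matching rule from the reply above, modelled in C so the setuid and seteuid cases can be compared side by side. This is an added example, not code from either poster; `struct creds`, `can_signal`, `after_setuid`, `after_seteuid` and the sample uid 1000 are assumptions made for illustration, and the superuser override is deliberately left out of the model.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* The three user IDs the kill(2) permission check looks at (model only). */
struct creds { uid_t ruid, euid, suid; };

/* Rule from the reply: the sender's real or effective uid must match the
 * target's real or saved set-user-ID. The superuser override is left out
 * so that only uid matching is visible. */
static bool can_signal(struct creds s, struct creds t)
{
    return s.ruid == t.ruid || s.ruid == t.suid ||
           s.euid == t.ruid || s.euid == t.suid;
}

/* setuid(): with euid 0 all three ids are replaced; otherwise only euid. */
static struct creds after_setuid(struct creds c, uid_t uid)
{
    if (c.euid == 0)
        c.ruid = c.suid = uid;
    c.euid = uid;
    return c;
}

/* seteuid(): only the effective uid changes. */
static struct creds after_seteuid(struct creds c, uid_t uid)
{
    c.euid = uid;
    return c;
}

#define WANTED_UID 1000   /* constructed sample value */

int main(void)
{
    struct creds root   = { 0, 0, 0 };
    struct creds victim = { WANTED_UID, WANTED_UID, WANTED_UID };
    struct creds a = after_setuid(root, WANTED_UID);   /* 1000/1000/1000 */
    struct creds b = after_seteuid(root, WANTED_UID);  /* ruid 0, euid 1000, suid 0 */

    printf("setuid : killer->victim %d, victim->killer %d, killer->root %d\n",
           can_signal(a, victim), can_signal(victim, a), can_signal(a, root));
    printf("seteuid: killer->victim %d, victim->killer %d, killer->root %d\n",
           can_signal(b, victim), can_signal(victim, b), can_signal(b, root));
    return 0;
}
```

The last column is the check to make before relying on the seteuid form: with ruid still 0, the same rule also matches targets whose real uid is 0, so `kill(-1, SIGKILL)` is not limited to WANTED_UID's processes.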