Subject: Re: OpenBSD Security Advisory: BSD I/O Signals
To: None <tech-security@NetBSD.ORG>
From: John Kohl <firstname.lastname@example.org>
Date: 09/15/1997 07:37:52
>>>>> "tqbf" == tqbf <email@example.com> writes:
tqbf> A vulnerability discovered in the 4.4BSD kernel allows unprivileged users
tqbf> to send certain signals to arbitrary processes on the system. Depending on
tqbf> the operating system and targeted program, this may allow users to kill
tqbf> off processes or disrupt the operation of certain programs.
Damn. I saw this in the code when hacking on SIGIO use at work a few
months ago. I was unable to exploit it on several commercial UNIX OSes,
so I thought my reading of the code must have missed something.