Subject: Re: OpenBSD Security Advisory: BSD I/O Signals
To: None <tech-security@NetBSD.ORG>
From: John Kohl <>
List: tech-security
Date: 09/15/1997 07:37:52
>>>>> "tqbf" == tqbf  <> writes:


tqbf> A vulnerability discovered in the 4.4BSD kernel allows unprivileged users
tqbf> to send certain signals to arbitrary processes on the system. Depending on
tqbf> the operating system and targeted program, this may allow users to kill
tqbf> off processes or disrupt the operation of certain programs.

Damn.  I saw this in the code when hacking on SIGIO use at work a few
months ago.  I was unable to exploit it on several commercial UNIX OSes,
so I thought my reading of the code must have missed something.