[mosh-devel] [TOOL RELEASE] Killing Stale Mosh Sessions: Mosh Cleaner
Jann Horn
jann at thejh.net
Mon Jan 27 11:49:26 EST 2014
On Mon, Jan 27, 2014 at 05:21:12PM +0100, Jason A. Donenfeld wrote:
> On Mon, Jan 27, 2014 at 4:58 PM, Jann Horn <jann at thejh.net> wrote:
> > One problem I can see: You're doing setegid and seteuid to prevent a race causing
> > you to kill the process of the wrong user, right? Well, have a look at the kill(2)
> > manpage: "[...]to have permission[...] or the real or effective user ID of the
> > sending process must equal the real or saved set-user-ID of the target process".
> > Looks like you're changing exactly the wrong UID and this should be
> > "setresuid(sbuf.st_uid, sbuf.st_uid, -1)" instead?
>
> Nice catch! Thanks. I made an update -- look okay now?
Looks good to me now.
(I think I should clarify that I'm not a mosh developer, just an interested user, so
don't take this as a yes from the mosh devels or so.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
Url : http://mailman.mit.edu/pipermail/mosh-devel/attachments/20140127/e499f793/attachment.bin
More information about the mosh-devel
mailing list