Debian Bug report logs - #413326
user-launched xinit can't kill X server at end of session

Package: hurd; Maintainer for hurd is GNU Hurd Maintainers <debian-hurd@lists.debian.org>; Source for hurd is src:hurd.

Reported by: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>

Date: Sat, 3 Mar 2007 01:18:01 UTC

Severity: normal

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413177; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>:
New Bug report received and forwarded. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>
To: submit@bugs.debian.org
Subject: The mouse pointer moves awkwardly on X on Hurd.
Date: Sat, 03 Mar 2007 10:14:48 +0900
Package: gnumach
Version: 2:1.3.99.dfsg.cvs20070211-1
Severity: 

The mouse pointer moves only in the vicinity of the left side and moves only vertically, when X starts on Hurd.

When the package of gnumach is replaced with version: 2:1.3.99.dfsg.1-1+b1, the problem is solved.
I suggest that this is a problem perhaps related to mouse's I/O.

Thanks,
--
Hiroyuki Yamamoto




Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413177; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to Samuel Thibault <samuel.thibault@ens-lyon.org>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #10 received at 413177@bugs.debian.org (full text, mbox):

From: Samuel Thibault <samuel.thibault@ens-lyon.org>
To: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>, 413177@bugs.debian.org
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sat, 3 Mar 2007 02:39:10 +0100
Hi,

YAMAMOTO, Hiroyuki, le Sat 03 Mar 2007 10:14:48 +0900, a écrit :
> When the package of gnumach is replaced with version: 2:1.3.99.dfsg.1-1+b1, the problem is solved.
> I suggest that this is a problem perhaps related to mouse's I/O.

Mmm, that could also be related to the version of gcc that built the
package.  Guillem, did you use gcc 4.1 or ?

Samuel



Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413177; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to Samuel Thibault <samuel.thibault@ens-lyon.org>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #15 received at 413177@bugs.debian.org (full text, mbox):

From: Samuel Thibault <samuel.thibault@ens-lyon.org>
To: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>
Cc: 413177@bugs.debian.org
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sat, 3 Mar 2007 03:01:49 +0100
YAMAMOTO, Hiroyuki, le Sat 03 Mar 2007 10:58:26 +0900, a écrit :
> Hi,
> 
> Samuel Thibault wrote:
> >Mmm, that could also be related to the version of gcc that built the
> >package.  Guillem, did you use gcc 4.1 or ?
> >  
> 
> My environment is as follows:
> 
> $ dpkg -l | grep gcc
> ii  gcc-4.1-base        4.1.1-21
> ii  libgcc1        4.1.1-21

But you didn't recompile gnumach yourself, did you?

Samuel



Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413177; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #20 received at 413177@bugs.debian.org (full text, mbox):

From: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>
To: Samuel Thibault <samuel.thibault@ens-lyon.org>
Cc: 413177@bugs.debian.org
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sat, 03 Mar 2007 10:58:26 +0900
Hi,

Samuel Thibault wrote:
> Mmm, that could also be related to the version of gcc that built the
> package.  Guillem, did you use gcc 4.1 or ?
>   

My environment is as follows:

$ dpkg -l | grep gcc
ii  gcc-4.1-base        4.1.1-21
ii  libgcc1        4.1.1-21



Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413177; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #25 received at 413177@bugs.debian.org (full text, mbox):

From: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>
To: Samuel Thibault <samuel.thibault@ens-lyon.org>
Cc: 413177@bugs.debian.org
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sat, 03 Mar 2007 11:09:34 +0900
Samuel Thibault wrote:
> YAMAMOTO, Hiroyuki, le Sat 03 Mar 2007 10:58:26 +0900, a écrit :
>   
>> Hi,
>>
>> Samuel Thibault wrote:
>>     
>>> Mmm, that could also be related to the version of gcc that built the
>>> package.  Guillem, did you use gcc 4.1 or ?
>>>  
>>>       
>> My environment is as follows:
>>
>> $ dpkg -l | grep gcc
>> ii  gcc-4.1-base        4.1.1-21
>> ii  libgcc1        4.1.1-21
>>     
>
> But you didn't recompile gnumach yourself, did you?
>
> Samuel
>
>   
No, I didn't recompile it.
Just the official package of gnumach is used.

Hiroyuki



Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413177; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to Samuel Thibault <samuel.thibault@ens-lyon.org>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #30 received at 413177@bugs.debian.org (full text, mbox):

From: Samuel Thibault <samuel.thibault@ens-lyon.org>
To: debian-hurd@lists.debian.org, yama1066@gmail.com, 413177@bugs.debian.org
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sat, 3 Mar 2007 21:36:28 +0100
olafBuddenhagen@gmx.net, le Sat 03 Mar 2007 18:18:16 +0100, a écrit :
> On Sat, Mar 03, 2007 at 03:49:40PM +0100, olafBuddenhagen@gmx.net wrote:
> 
> > AFAIK the Debian gnumach package uses 4.1 for a while now. I also have
> > some local packages compiled with 4.1 that work OK. But I can try
> > whether the newest Debian source also fails if I compile it with the
> > exact same toolchain as the known working packages, if you think it's
> > useful...
> 
> I confirmed now that rebuilding with known good toolchain doesn't change
> anything. Removing the MMX support patch fixes it, though.

I had to fix the TODO of my patch, it seems to work fine now: please try
to replace debian/patches/20_mmx_support.patch with
http://dept-info.labri.fr/~thibault/tmp/patch-gnumach-mmx
and rebuild the package, it works for me.

Samuel



Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413177; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #35 received at 413177@bugs.debian.org (full text, mbox):

From: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>
To: debian-hurd@lists.debian.org, 413177@bugs.debian.org, Samuel Thibault <samuel.thibault@ens-lyon.org>, olafBuddenhagen@gmx.net
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sun, 04 Mar 2007 14:22:14 +0900
Samuel Thibault wrote:
> Samuel Thibault, le Sat 03 Mar 2007 21:36:28 +0100, a écrit :
>   
>> I had to fix the TODO of my patch, it seems to work fine now: please try
>> to replace debian/patches/20_mmx_support.patch with
>> http://dept-info.labri.fr/~thibault/tmp/patch-gnumach-mmx
>> and rebuild the package, it works for me.
>>     
>
> (and please try to reproduce 413185's bug, in case that's actually the
> same).
>   

I repackaged the official souce of gnumach (2:1.3.99.dfsg.cvs20070211-1) 
with replaced
debian/patches/20_mmx_support.patch and installed it, I confirmed the 
problem solved.


olafBuddenhagen@gmx.net wrote:
> I also get some other X oddities with the new gnumach package:
> WindowMaker segfaults on startup. And if the session fails to come up
> (because of an unrelated problem in my strange environment), instead of
> the X server just restarting once and sitting there as it normally does,
> it goes into a loop restarting again and again; also, monitor timings
> are wrong after restart(s).
>
> None of this happens with the older package.
>   
Although mouse's problem was certainly solved, it was confirmed that X 
without WM restarted again after the logout.
I suggest that it may be another problem perhaps.


Hiroyuki



Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413177; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to Samuel Thibault <samuel.thibault@ens-lyon.org>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #40 received at 413177@bugs.debian.org (full text, mbox):

From: Samuel Thibault <samuel.thibault@ens-lyon.org>
To: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>
Cc: debian-hurd@lists.debian.org, 413177@bugs.debian.org, olafBuddenhagen@gmx.net, control@bugs.debian.org
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sun, 4 Mar 2007 10:44:21 +0100
clone 413177 -1
title -1 X Restart issues
thanks

Hi,

YAMAMOTO, Hiroyuki, le Sun 04 Mar 2007 14:22:14 +0900, a écrit :
> I repackaged the official souce of gnumach (2:1.3.99.dfsg.cvs20070211-1) 
> with replaced
> debian/patches/20_mmx_support.patch and installed it, I confirmed the 
> problem solved.

Good :)

> olafBuddenhagen@gmx.net wrote:
> >I also get some other X oddities with the new gnumach package:
> >WindowMaker segfaults on startup. And if the session fails to come up
> >(because of an unrelated problem in my strange environment), instead of
> >the X server just restarting once and sitting there as it normally does,
> >it goes into a loop restarting again and again; also, monitor timings
> >are wrong after restart(s).
> >
> >None of this happens with the older package.
> >  
> Although mouse's problem was certainly solved, it was confirmed that X 
> without WM restarted again after the logout.
> I suggest that it may be another problem perhaps.

Ok, cloning bug.

Samuel



Bug 413177 cloned as bug 413326. Request was from Samuel Thibault <samuel.thibault@ens-lyon.org> to control@bugs.debian.org. Full text and rfc822 format available.

Changed Bug title. Request was from Samuel Thibault <samuel.thibault@labri.fr> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413326; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to Samuel Thibault <samuel.thibault@ens-lyon.org>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #49 received at 413326@bugs.debian.org (full text, mbox):

From: Samuel Thibault <samuel.thibault@ens-lyon.org>
To: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>
Cc: debian-hurd@lists.debian.org, 413326@bugs.debian.org, olafBuddenhagen@gmx.net
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sun, 4 Mar 2007 13:12:11 +0100
Hi,

YAMAMOTO, Hiroyuki, le Sun 04 Mar 2007 14:22:14 +0900, a écrit :
> olafBuddenhagen@gmx.net wrote:
> >I also get some other X oddities with the new gnumach package:
> >WindowMaker segfaults on startup. And if the session fails to come up
> >(because of an unrelated problem in my strange environment), instead of
> >the X server just restarting once and sitting there as it normally does,
> >it goes into a loop restarting again and again; also, monitor timings
> >are wrong after restart(s).
> >
> Although mouse's problem was certainly solved, it was confirmed that X 
> without WM restarted again after the logout.

I can't reproduce that.  I'm not sure to understand what you mean. How
do you start X and the WM exactly?

Samuel



Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413326; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #54 received at 413326@bugs.debian.org (full text, mbox):

From: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>
To: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>, debian-hurd@lists.debian.org, 413326@bugs.debian.org, olafBuddenhagen@gmx.net
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sun, 04 Mar 2007 21:54:47 +0900
Hi,

Samuel Thibault wrote:
> YAMAMOTO, Hiroyuki, le Sun 04 Mar 2007 14:22:14 +0900, a écrit :
>   
>> olafBuddenhagen@gmx.net wrote:
>>     
>>> I also get some other X oddities with the new gnumach package:
>>> WindowMaker segfaults on startup. And if the session fails to come up
>>> (because of an unrelated problem in my strange environment), instead of
>>> the X server just restarting once and sitting there as it normally does,
>>> it goes into a loop restarting again and again; also, monitor timings
>>> are wrong after restart(s).
>>>
>>>       
>> Although mouse's problem was certainly solved, it was confirmed that X 
>> without WM restarted again after the logout.
>>     
>
> I can't reproduce that.  I'm not sure to understand what you mean. How
> do you start X and the WM exactly

I start X (IceWM as the window manager) by the startx command.
It is only described as `exec icewm' in the ~/.xinit file.

X starts with the window manager normally when the startx command is 
first executed.
Then, if the window manager's logout button is clicked to end X, though 
X seems to end once,
X colored gray (like the source) without the window manager again starts 
soon.
Finally, X can be ended only by pushing Ctrl+Alt+backspace.


Hiroyuki



Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413326; Package gnumach. Full text and rfc822 format available.

Acknowledgement sent to Samuel Thibault <samuel.thibault@ens-lyon.org>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #59 received at 413326@bugs.debian.org (full text, mbox):

From: Samuel Thibault <samuel.thibault@ens-lyon.org>
To: "YAMAMOTO, Hiroyuki" <yama1066@gmail.com>
Cc: debian-hurd@lists.debian.org, 413326@bugs.debian.org, olafBuddenhagen@gmx.net, control@bugs.debian.org
Subject: Re: Bug#413177: The mouse pointer moves awkwardly on X on Hurd.
Date: Sun, 4 Mar 2007 14:27:06 +0100
reassign 413326 hurd
thanks

Hi,

YAMAMOTO, Hiroyuki, le Sun 04 Mar 2007 21:54:47 +0900, a écrit :
> Samuel Thibault wrote:
> >YAMAMOTO, Hiroyuki, le Sun 04 Mar 2007 14:22:14 +0900, a écrit :
> >  
> >>olafBuddenhagen@gmx.net wrote:
> >>    
> >>>I also get some other X oddities with the new gnumach package:
> >>>WindowMaker segfaults on startup. And if the session fails to come up
> >>>(because of an unrelated problem in my strange environment), instead of
> >>>the X server just restarting once and sitting there as it normally does,
> >>>it goes into a loop restarting again and again; also, monitor timings
> >>>are wrong after restart(s).
> >>>
> >>>      
> >>Although mouse's problem was certainly solved, it was confirmed that X 
> >>without WM restarted again after the logout.
> >>    
> >
> >I can't reproduce that.  I'm not sure to understand what you mean. How
> >do you start X and the WM exactly
> 
> I start X (IceWM as the window manager) by the startx command.
> It is only described as `exec icewm' in the ~/.xinit file.
> 
> X starts with the window manager normally when the startx command is 
> first executed.
> Then, if the window manager's logout button is clicked to end X, though 
> X seems to end once,
> X colored gray (like the source) without the window manager again starts 
> soon.
> Finally, X can be ended only by pushing Ctrl+Alt+backspace.

Aaah, yes, now I remember. The error is:

xinit:  Operation not permitted (errno blah):  Can't kill X server.

IIRC that's completely unrelated to gnumach but to hurd or glibc, and
this was already discussed some months ago. I thought this was fixed,
I'll have a look.

Samuel



Bug reassigned from package `gnumach' to `hurd'. Request was from Samuel Thibault <samuel.thibault@ens-lyon.org> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413326; Package hurd. Full text and rfc822 format available.

Acknowledgement sent to Samuel Thibault <samuel.thibault@ens-lyon.org>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. Full text and rfc822 format available.

Message #66 received at 413326@bugs.debian.org (full text, mbox):

From: Samuel Thibault <samuel.thibault@ens-lyon.org>
To: Thomas Bushnell BSG <tb@becket.net>, Roland McGrath <roland@frob.com>, bug-hurd@gnu.org, 413326@bugs.debian.org, control@bugs.debian.org
Subject: Re: killing setuid programs
Date: Sun, 4 Mar 2007 14:38:31 +0100
retitle 413326 user-launched xinit can't kill X server at end of session
thanks

Hi,

The following issue is still not resolved, resulting to X session not
properly killing the X server at its end of its life.

Samuel Thibault, le Tue 29 Aug 2006 21:10:14 +0200, a écrit :
> Thomas Bushnell BSG, le Tue 29 Aug 2006 11:58:43 -0700, a écrit :
> > Samuel Thibault <samuel.thibault@ens-lyon.org> writes:
> > 
> > > Roland McGrath, le Mon 28 Aug 2006 17:34:24 -0700, a écrit :
> > >> It sounds like you are describing the intended behavior.
> > >> You can't send a signal to a setuid program with kill.
> > >
> > >   For a process to have permission to send a signal to a process designated
> > >   by pid, unless the sending process has appropriate privileges, the real or
> > >   effective user ID of the sending process shall match the real or saved
> > >   set-user-ID of the receiving process.
> > >
> > > And setuid programs keep the real user ID set to Joe user's, so that Joe
> > > user can kill the program he launches.
> > 
> > This is not quite correct.
> > 
> > Most setuid programs do *not* keep the real user ID alone; instead,
> > the explicitly change it to match the effective user ID.  This is
> > important.
> 
> Setuid programs themselves might, yes.  But the system mustn't change
> it itself (Hurd's proc correctly doesn't).  Because some programs other
> than passwd (an X server for instance) need to be killable by the very
> user that started it (via xinit).
> 
> > If the "passwd" program could be interrupted at will be
> > its caller, for example, then it might leave an incompletely written
> > and locked password file around.
> 
> Agreed.  But posix says (and some setuid programs rely on this) that by
> default, a setuid program can be killed by the user who launched it.

You didn't comment any more on this, so I guess you agree on this?

Now, the original question is still:

``There's an issue with Joe user being able to kill setuid programs that
he launches: on the sending side, glibc does:

        err = HURD_MSGPORT_RPC (__proc_getmsgport (proc, pid, &msgport),
                                  (taskerr = __proc_pid2task (proc, pid,
                                                              &refport)) ?
                                  __proc_getsidport (proc, &refport) : 0, 1,
                                  kill_port (msgport, refport));
        }

I.e. asks proc for the task port, and if that fails, asks proc for the
session port, then it sends the signal.

It happens that since the target got setuid'ed, the proc server had set
it owned by root, and hence pid2task fails.  I don't know exactly what
having a port on a task means, but I guess that's on purpose that even
if the real uid is Joe user, Joe user shouldn't have a task port on the
setuid-ed program.

As a result only proc_getsidport() works.

And on the receiving side, the ref port needs to be the task port for
letting any signal come in...''

So how should this be fixed for letting Joe kill his X server at the end
of his session?  Shouldn't Joe be allowed to have a task port on the
setuid-ed program?  Or do we need to implement another port which would
just let him do the few operations he can do as the real owner of the X
server?

Samuel



Changed Bug title. Request was from Samuel Thibault <samuel.thibault@ens-lyon.org> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413326; Package hurd. Full text and rfc822 format available.

Changed Bug title. Request was from Samuel Thibault <samuel.thibault@ens-lyon.org> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, GNU Hurd Maintainers <debian-hurd@lists.debian.org>:
Bug#413326; Package hurd. (Sun, 14 Nov 2010 00:36:23 GMT) Full text and rfc822 format available.

Acknowledgement sent to Samuel Thibault <samuel.thibault@gnu.org>:
Extra info received and forwarded to list. Copy sent to GNU Hurd Maintainers <debian-hurd@lists.debian.org>. (Sun, 14 Nov 2010 00:36:23 GMT) Full text and rfc822 format available.

Message #78 received at 413326@bugs.debian.org (full text, mbox):

From: Samuel Thibault <samuel.thibault@gnu.org>
To: Thomas Bushnell BSG <tb@becket.net>, Roland McGrath <roland@frob.com>, bug-hurd@gnu.org, 413326@bugs.debian.org
Subject: Re: killing setuid programs (user-launched xinit can't kill X server at end of session)
Date: Sun, 14 Nov 2010 01:35:49 +0100
This is still an issue, reported again by a user.

Samuel Thibault, le Sun 04 Mar 2007 14:38:31 +0100, a écrit :
> The following issue is still not resolved, resulting to X session not
> properly killing the X server at its end of its life.
> 
> Samuel Thibault, le Tue 29 Aug 2006 21:10:14 +0200, a écrit :
> > Thomas Bushnell BSG, le Tue 29 Aug 2006 11:58:43 -0700, a écrit :
> > > Samuel Thibault <samuel.thibault@ens-lyon.org> writes:
> > > 
> > > > Roland McGrath, le Mon 28 Aug 2006 17:34:24 -0700, a écrit :
> > > >> It sounds like you are describing the intended behavior.
> > > >> You can't send a signal to a setuid program with kill.
> > > >
> > > >   For a process to have permission to send a signal to a process designated
> > > >   by pid, unless the sending process has appropriate privileges, the real or
> > > >   effective user ID of the sending process shall match the real or saved
> > > >   set-user-ID of the receiving process.
> > > >
> > > > And setuid programs keep the real user ID set to Joe user's, so that Joe
> > > > user can kill the program he launches.
> > > 
> > > This is not quite correct.
> > > 
> > > Most setuid programs do *not* keep the real user ID alone; instead,
> > > the explicitly change it to match the effective user ID.  This is
> > > important.
> > 
> > Setuid programs themselves might, yes.  But the system mustn't change
> > it itself (Hurd's proc correctly doesn't).  Because some programs other
> > than passwd (an X server for instance) need to be killable by the very
> > user that started it (via xinit).
> > 
> > > If the "passwd" program could be interrupted at will be
> > > its caller, for example, then it might leave an incompletely written
> > > and locked password file around.
> > 
> > Agreed.  But posix says (and some setuid programs rely on this) that by
> > default, a setuid program can be killed by the user who launched it.
> 
> You didn't comment any more on this, so I guess you agree on this?
> 
> Now, the original question is still:
> 
> ``There's an issue with Joe user being able to kill setuid programs that
> he launches: on the sending side, glibc does:
> 
>         err = HURD_MSGPORT_RPC (__proc_getmsgport (proc, pid, &msgport),
>                                   (taskerr = __proc_pid2task (proc, pid,
>                                                               &refport)) ?
>                                   __proc_getsidport (proc, &refport) : 0, 1,
>                                   kill_port (msgport, refport));
>         }
> 
> I.e. asks proc for the task port, and if that fails, asks proc for the
> session port, then it sends the signal.
> 
> It happens that since the target got setuid'ed, the proc server had set
> it owned by root, and hence pid2task fails.  I don't know exactly what
> having a port on a task means, but I guess that's on purpose that even
> if the real uid is Joe user, Joe user shouldn't have a task port on the
> setuid-ed program.
> 
> As a result only proc_getsidport() works.
> 
> And on the receiving side, the ref port needs to be the task port for
> letting any signal come in...''
> 
> So how should this be fixed for letting Joe kill his X server at the end
> of his session?  Shouldn't Joe be allowed to have a task port on the
> setuid-ed program?  Or do we need to implement another port which would
> just let him do the few operations he can do as the real owner of the X
> server?




Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Apr 21 06:26:20 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.