Re: propsal: all daemons should chdir / on startup

[Topi Miettinen <Topi.Miettinen@ml.tele.fi>]

Guy Maor writes:
> I don't think it's the policy document's job to teach people how to do
> Unix system programming.

Agreed. A pointer to Stevens (or better yet, online tutorial which also
covered switching between uids) wouldn't hurt, though.

> Lack of an setsid() doesn't necessarily imply that there's a bug.
> There are other, more complicated, ways to make sure that you don't
> have a controlling terminal, but unless you care about ancient Unixes
> I wouldn't worry about them.

Doesn't being in a prosess group also affect signals? What if attacker
forks until it gets pid==sid_of_target_which_forgot_setsid and calls
setsid() and kill(pid_of_target)? I tried reading kernel sources, but got
lost.

> Startup code for a daemon would usually look something like (naturally
> you would have to add error checking):
> 
> if (fork() == 0)
>     exit(0);
> setsid();
> chdir("/");
> umask(0);
> for (i=0; i<sysconf(_SC_OPEN_MAX); i++)
>     close(i);
open("/dev/null", O_RDWR); 
open("/dev/null", O_RDWR);
open("/dev/null", O_RDWR);

for fake std{in,out,err}

-Topi