Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Caller-installed signal handler can be called in RPC server context #35

Open
ventZl opened this issue Dec 2, 2024 · 0 comments
Open

Caller-installed signal handler can be called in RPC server context #35

ventZl opened this issue Dec 2, 2024 · 0 comments
Labels
security Issue has security consequences

Comments

@ventZl
Copy link
Owner

ventZl commented Dec 2, 2024

If caller installs a signal handler for any of its threads, then this signal handler will get triggered even if thread is currently executing RPC method. There are many possible ways to do that:

  • send a signal to the thread using kill()
  • schedule alarm()

This breaks caller - callee separation guarantees of RPC call mechanism: Caller can not execute any own code inside the RPC context and vice versa.

Q&D solution would be to disable signal emission while inside RPC calls. While recently there was an entirely new and independent mechanism added for notifications, better solution might be to retire the signal subsystem entirely as they are kind-of redundant.
@ventZl ventZl added the security Issue has security consequences label Dec 2, 2024
@ventZl ventZl changed the title Callee-installed signal handler can be called in RPC server context Caller-installed signal handler can be called in RPC server context Dec 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
security Issue has security consequences
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ventZl