Return to BSD News archive
Newsgroups: comp.os.386bsd.development Path: sserve!newshost.anu.edu.au!munnari.oz.au!spool.mu.edu!cass.ma02.bull.com!think.com!paperboy.osf.org!enterpoop.mit.edu!gatech!howland.reston.ans.net!newsserver.jvnc.net!gmd.de!olymp!saph2.physik.uni-bonn.de!juengst From: juengst@saph2.physik.uni-bonn.de (Henry G. Juengst) Subject: Re: SIGKILL and kill Message-ID: <1993Apr21.183200.8058@olymp.informatik.uni-bonn.de> Keywords: SIGNALS SECURITY Lines: 50 Sender: usenet@olymp.informatik.uni-bonn.de Reply-To: juengst@saph2.physik.uni-bonn.de Organization: Universit"at Bonn, Informatikinstitut, R"omerstr 154, W-5300 Bonn 1 References: <1qo3mq$d4b@news.cs.tu-berlin.de> Date: Wed, 21 Apr 1993 18:32:00 GMT In article <1qo3mq$d4b@news.cs.tu-berlin.de>, klier@cs.tu-berlin.de (Jan Klier) writes: > Hi 386bsd community, > > I don't know if this is the right place to post such things, so if no please > appologize. > > From my experience as administrator and user of Unix systems I have a > suggestion for a little change which could increase the system security > for the user themselves. > I experienced that many users often use the command 'kill -9 pid' to kill > a process instead of the simple version 'kill pid'. But if the SIGKILL signal > is used to terminate a process the user will get rid of, the process itself > has no chance to catch that and cleanup it's own data structure, flushing > some buffers, updating databases etc. > Most often the TERM signal will do the same job, users just don't know about > the difference between KILL and TERM and risk (unconciously) loosing data. > > My idea is now (and I post it here because it could be tested experimentally > in 386bsd) to modify the kill-programm in order to restrict the SIGKILL signal > to the superuser. > This will force users to use the safe TERM-signal when the terminate processes > and still leaves the door open for really hung situation where a SIGKILL is > necessary. > > Any comments? Restrictions are not what users want. SIGTERM could be caught by an ill (bug) signal handler so a program could hang up. Users aren't happy if they need a guru for everything. May be one should add a very big hint into the manual pages (kill.1), because in principle I agree with you. > jan > > > -- > ******************************************************************************* > Jan Klier Berlin, Germany > e-mail: klier.cs.tu-berlin.de cis : 100022,1700 > | jklier.ipk.fhg.de | 100022.1700@compuserve.com > Henry -- juengst@boss1.physik.uni-bonn.de [131.220.221.30] {u} juengst@saph2.physik.uni-bonn.de [131.220.221.12] {d} juengst@pib1.physik.uni-bonn.de [131.220.221.2] {s} I'm only speaking for myself, but not for anybody else !