Hi,
On 1/8/21 19:20, aitor wrote:
> After that, the suid binary can check _whether or not_ the emited
> signal has been received. If yes, both
> the gui and the suid will communicate each other through a unix socket
> or a fifo to know what to do.
Better said, the suid binary can check whether or not the gui has
handled the signal as expected because
the default behavior of SIGUSR1 (User defined signal 1) is to terminate
the process. See the table at the
end of the link:
https://en.wikipedia.org/wiki/Signal_(IPC)#POSIX_signals
<
https://en.wikipedia.org/wiki/Signal_(IPC)#POSIX_signals>
I.e., when such a intruder is acting the
PSTAT_BINARY="SOMEWHERE_DEFINED_NAME" with process ID="PID"
no longer exists.
Aitor.