From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <fw@deneb.enyo.de>
Received: from albireo.enyo.de (albireo.enyo.de [37.24.231.21])
 by sourceware.org (Postfix) with ESMTPS id 95DAC39724B5
 for <libc-alpha@sourceware.org>; Thu,  1 Oct 2020 06:08:27 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 95DAC39724B5
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=deneb.enyo.de
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=fw@deneb.enyo.de
Received: from [172.17.203.2] (helo=deneb.enyo.de)
 by albireo.enyo.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
 id 1kNrlQ-0001Fa-Jr; Thu, 01 Oct 2020 06:08:24 +0000
Received: from fw by deneb.enyo.de with local (Exim 4.92)
 (envelope-from <fw@deneb.enyo.de>)
 id 1kNrlQ-0003V6-H6; Thu, 01 Oct 2020 08:08:24 +0200
From: Florian Weimer <fw@deneb.enyo.de>
To: Rich Felker <dalias@libc.org>
Cc: Carlos O'Donell via Libc-alpha <libc-alpha@sourceware.org>,
 musl@lists.openwall.com
Subject: Re: [PATCH] Make abort() AS-safe (Bug 26275).
References: <20200927141952.121047-1-carlos@redhat.com>
 <871rinm1fx.fsf@mid.deneb.enyo.de>
 <20200928234833.GC17637@brightrain.aerifal.cx>
 <87d025jcn0.fsf@mid.deneb.enyo.de>
 <20200929144207.GD17637@brightrain.aerifal.cx>
 <20201001023018.GL17637@brightrain.aerifal.cx>
Date: Thu, 01 Oct 2020 08:08:24 +0200
In-Reply-To: <20201001023018.GL17637@brightrain.aerifal.cx> (Rich Felker's
 message of "Wed, 30 Sep 2020 22:30:19 -0400")
Message-ID: <87o8lmeaw7.fsf@mid.deneb.enyo.de>
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Status: No, score=-6.4 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS,
 SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Oct 2020 06:08:28 -0000

* Rich Felker:

> Even without fork, execve and posix_spawn can also see the SIGABRT
> disposition change made by abort(), passing it on to a process that
> should have started with a disposition of SIG_IGN if you hit exactly
> the wrong spot in the race.

My feeling is that it's not worth bothering with this kind of leakage.
We've had this bug forever in glibc, and no one has complained about
it.

Carlos is investigating removal of the abort lock from glibc, I think.