* Also kill all processes of the build user after the build. This is

critical to prevent certain kinds of 0wnage.
2005-10-17 17:43:21 +00:00 · 2005-10-17 17:43:21 +00:00 · 13b089c890
parent f1b3a418fa
commit 13b089c890
1 changed files with 8 additions and 0 deletions
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@ -676,6 +676,14 @@ void DerivationGoal::buildDone()
    /* So the child is gone now. */
    worker.childTerminated(savedPid);

+    /* When running under a build user, make sure that all processes
+       running under that uid are gone.  This is to prevent a
+       malicious user from leaving behind a process that keeps files
+       open and modifies them after they have been chown'ed to
+       root. */
+    if (buildUser != 0)
+        killUser(buildUser);
+
    /* Close the read side of the logger pipe. */
    logPipe.readSide.close();