site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=GZUfJHOE/7xW64MAnLMcUqn8v2bM1BqNJWAZ0VXvfAw=; b=aDXm/OU1Fa55UWNlwF1j6sO7pp2awXjaC+uSFyr1ruRLzeGtipw+jp5siVCTfaDkzB C1SYZevi8qIDGnEgBIgJj9wkqOWzJ7JRmcyKbUh7pzFAmg5B3G20R7/yurdp3A+qInQq DCokdQS6kgip14GdUchskF1bMxn0hig19bycs63d5OCPRZP7FcM+A4nWH4VOmrDamsLw cljWvXqxSH9gj59FUOoluTFK9YEDrKQCHf731DXLHIjAbWg+nKaEQkkLnsbvhB8F6zG1 By2Zbl7Z3/F3AtgmoeP1tyD80ElnE2MuQQS2UigW8lk4MGGjp/Z76bxo73Y+dzo2Fxgc f1lw== Hi Alastair, Yes, we did try with them first and they told us they didn’t consider it a security issue, so we posted to oss-security after making sure Apple understood we’d do that unless they asked us not to. Thanks, Dan On Wed, Oct 18, 2017 at 06:31 Alastair Houghton < alastair@alastairs-place.net> wrote:

...

On 18 Oct 2017, at 02:24, Daniel Peebles <pumpkingod@gmail.com> wrote:

The obvious thing we tried before was to launch a new process, set(e)uid to the user in question, then kill(-1, SIGKILL). That will kill all running processes under that user (including the killer!), but unfortunately in High Sierra (and possibly earlier), it also crashes the entire system and I'm unsure how long it'll be until it's fixed: http://www.openwall.com/lists/oss-security/2017/10/12/1

Has this been submitted to <product-security@apple.com>? The ability to take out the system is quite clearly a security issue; there are Macs installed with guest user access, for instance, where this would be troublesome.

...

Does anyone have other ideas, possibly informed by obscure macOS internal behavior, for how to effectively kill all processes owned by a user?

You could try killing just those processes in the same process group, if that’s sufficient for your purposes (i.e. kill(0, SIGKILL)). Of course, that may also trigger the bug, I don’t know.

Alternatively, perhaps you can explain what you’re trying to achieve by killing all the processes belonging to a particular user? Maybe there’s something else you could do instead?

Kind regards,

Alastair.

-- http://alastairs-place.net

_______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.app... This email sent to site_archiver@lists.apple.com