From 1fa41a429f0ed6665bcb960ebc340ebb7100375f Mon Sep 17 00:00:00 2001
From: Erik Tate
Date: Tue, 19 Nov 2024 11:15:40 -0500
Subject: [PATCH] changing parker pdeathsig to KILL so to prevent possibility of leaking
---
 lib/srv/reexec.go | 2 +-
 lib/srv/reexec_linux.go | 11 +++++++++++
 lib/srv/reexec_other.go | 2 ++
 3 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/lib/srv/reexec.go b/lib/srv/reexec.go
index da1d84afa9079..4fe1d42aaa8ec 100644
--- a/lib/srv/reexec.go
+++ b/lib/srv/reexec.go
@@ -1282,7 +1282,7 @@ func (o *osWrapper) newParker(ctx context.Context, credential syscall.Credential
 }
 // Perform OS-specific tweaks to the command.
- reexecCommandOSTweaks(cmd)
+ parkerCommandOSTweaks(cmd)
 if err := cmd.Start(); err != nil {
 return trace.Wrap(err)
diff --git a/lib/srv/reexec_linux.go b/lib/srv/reexec_linux.go
index dcba0399ba1a8..26d7742dad210 100644
--- a/lib/srv/reexec_linux.go
+++ b/lib/srv/reexec_linux.go
@@ -82,6 +82,17 @@ func reexecCommandOSTweaks(cmd *exec.Cmd) {
 }
 }
+// if we ever need to run parkers on macOS or other platforms with no PDEATHSIG
+// we should rework the parker to block on a pipe so it can exit when its parent
+// is terminated
+func parkerCommandOSTweaks(cmd *exec.Cmd) {
+ reexecCommandOSTweaks(cmd)
+
+ // parker processes can leak if their PDEATHSIG is SIGQUIT, otherwise we
+ // could just use reexecCommandOSTweaks
+ cmd.SysProcAttr.Pdeathsig = syscall.SIGKILL
+}
+
 func userCommandOSTweaks(cmd *exec.Cmd) {
 if cmd.SysProcAttr == nil {
 cmd.SysProcAttr = new(syscall.SysProcAttr)
diff --git a/lib/srv/reexec_other.go b/lib/srv/reexec_other.go
index c99e8e3cdac9e..d5f48d6999fb3 100644
--- a/lib/srv/reexec_other.go
+++ b/lib/srv/reexec_other.go
@@ -27,6 +27,8 @@ import (
 func reexecCommandOSTweaks(cmd *exec.Cmd) {}
+func parkerCommandOSTweaks(cmd *exec.Cmd) {}
+
 func userCommandOSTweaks(cmd *exec.Cmd) {}
 func setNeutralOOMScore() error { return nil }
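Review bot: `cmd.SysProcAttr.Pdeathsig = syscall.SIGKILL` in the new parkerCommandOSTweaks (reexec_linux.go) dereferences cmd.SysProcAttr with no nil check, so it is only safe while reexecCommandOSTweaks keeps allocating it. That function's body is outside the hunk, so this presumably holds today, but nothing pins it. Repeating the guard visible in userCommandOSTweaks, `if cmd.SysProcAttr == nil { cmd.SysProcAttr = new(syscall.SysProcAttr) }`, before the assignment would make the override self-contained. The leading comment would also read better as a doc comment that starts with the function name. It is worth recording there that Go delivers Pdeathsig when the creating thread exits, not only when the process does, so with SIGKILL a parker can be killed early and without any chance to clean up if that thread goes away.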
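Review bot: The empty `parkerCommandOSTweaks` stub in reexec_other.go carries no comment, so the only explanation of the non-Linux gap sits in reexec_linux.go, where someone reading this file will not see it. Without a parent-death signal, a parker started on these platforms would presumably outlive its parent, which is the leak this commit closes on Linux. A one-line doc comment on the stub would record that, for example `// parkerCommandOSTweaks is a no-op: there is no PDEATHSIG here, so parkers must not be relied on to exit with their parent.`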