Update the kill(2) and killpg(2) man pages to the modern permission
checks. Also indicate killpg(2) is POSIX compliant. Reviewed by: jilles Reviewed by: wblock Approved by: cperciva MFC after: 3 days
This commit is contained in:
Eitan Adler
parent
10950e4651
commit
c965707311
@ -58,11 +58,9 @@ is 0,
|
||||
.Fn killpg
|
||||
sends the signal to the sending process's process group.
|
||||
.Pp
|
||||
The sending process and members of the process group must
|
||||
have the same effective user ID, or
|
||||
the sender must be the super-user.
|
||||
As a single special case the continue signal SIGCONT may be sent
|
||||
to any process with the same session ID as the caller.
|
||||
The sending process must be able to
|
||||
.Fn kill
|
||||
at least one process in the receiving process group.
|
||||
.Sh RETURN VALUES
|
||||
.Rv -std killpg
|
||||
.Sh ERRORS
|
||||
@ -80,9 +78,8 @@ is not a valid signal number.
|
||||
No process can be found in the process group specified by
|
||||
.Fa pgrp .
|
||||
.It Bq Er EPERM
|
||||
The sending process is not the super-user and one or more
|
||||
of the target processes has an effective user ID different from that
|
||||
of the sending process.
|
||||
.Fn kill
|
||||
returns EPERM for all processes in the process group.
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr getpgrp 2 ,
|
||||
|
||||
@ -64,11 +64,19 @@ This can be used to check the validity of
|
||||
For a process to have permission to send a signal to a process designated
|
||||
by
|
||||
.Fa pid ,
|
||||
the real or effective user ID of the receiving process must match
|
||||
that of the sending process or the user must have appropriate privileges
|
||||
(such as given by a set-user-ID program or the user is the super-user).
|
||||
the user must be the super-user, or
|
||||
the real or saved user ID of the receiving process must match
|
||||
the real or effective user ID of the sending process.
|
||||
A single exception is the signal SIGCONT, which may always be sent
|
||||
to any process with the same session ID as the caller.
|
||||
to any process with the same session ID as the sender.
|
||||
In addition, if the
|
||||
.Va security.bsd.conservative_signals
|
||||
.Xr sysctl
|
||||
is set to 1, the user is not a super-user, and
|
||||
the receiver is set-uid, then
|
||||
only job control and terminal control signals may
|
||||
be sent (in particular, only SIGKILL, SIGINT, SIGTERM, SIGALRM,
|
||||
SIGSTOP, SIGTTIN, SIGTTOU, SIGTSTP, SIGHUP, SIGUSR1, SIGUSR2).
|
||||
.Bl -tag -width Ds
|
||||
.It \&If Fa pid No \&is greater than zero :
|
||||
The
|
||||
@ -124,10 +132,9 @@ is not a valid signal number.
|
||||
No process or process group can be found corresponding to that specified by
|
||||
.Fa pid .
|
||||
.It Bq Er EPERM
|
||||
The sending process is not the super-user and its effective
|
||||
user id does not match the effective user-id of the receiving process.
|
||||
When signaling a process group, this error is returned if any members
|
||||
of the group could not be signaled.
|
||||
The sending process does not have permission to send
|
||||
.Va sig
|
||||
to the receiving process.
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr getpgrp 2 ,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user