Avoid using signals to implement normal functionality. As code in a signal handler can be called at any time by an attacker, restricting the functionality of handlers will mitigate your vulnerability to signal attacks.
According to [[Seacord 05a]]:
Signals [...] should be reserved for abnormal events that can be serviced by little more than logging.
Non-Compliant Code Example
Compliant Solution
Risk Assessment
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
SIG02-A |
3 (high) |
2 (probable) |
2 (medium) |
P12 |
L2 |
References
[[ISO/IEC 9899-1999:TC2]] Section 7.14.1.1, "The signal fucntion"
[[Seacord 05a]]