Recommendations

SIG00-A. Mask signals handled by non-interruptible signal handlers

SIG01-A. Understand implementation-specific details regarding signal handler persistence

SIG02-A. Avoid using signals to implement normal functionality

Rules

SIG30-C. Call only asynchronous-safe functions within signal handlers

SIG31-C. Do not access or modify shared objects in signal handlers

SIG32-C. Do not call longjmp() from inside a signal handler

SIG33-C. Do not recursively invoke the raise() function

SIG34-C. Do not call signal() from within interruptible signal handlers

Risk Assessment Summary

Recommendation  Severity  Likelihood  Remediation Cost  Priority  Level
SIG00-A         high      likely      high              P9        L2
SIG01-A         low       unlikely    low               P3        L3
SIG02-A         high      probable    medium            P12       L1

Rule            Severity  Likelihood  Remediation Cost  Priority  Level
SIG30-C         high      likely      medium            P18       L1
SIG31-C         high      likely      high              P9        L2
SIG32-C         high      likely      medium            P18       L1
SIG33-C         low       unlikely    medium            P2        L3
SIG34-C         low       unlikely    low               P3        L3

Related Rules and Recommendations
