From 18c113e98e9c93ad6deb10009c4e2da9c97eb572 Mon Sep 17 00:00:00 2001
From: Quentin Armitage <quentin@armitage.org.uk>
Date: Mon, 16 Nov 2015 18:54:21 +0000
Subject: Ignore all signals except those explicitly wanted

In order to harden keepalived against a user accidentally sending
a wrong signal to keepalived, set all signals other than those we
want actioned to be ignored.

Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
(cherry picked from commit c9cc2badc734ef6a23db7c2c6149137b270b7379)
---
 lib/signals.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/lib/signals.c b/lib/signals.c
index 212c364..d6bbcac 100644
--- a/lib/signals.c
+++ b/lib/signals.c
@@ -137,6 +137,9 @@ signal_ignore(int signo)
 void
 signal_handler_init(void)
 {
+	sigset_t sset;
+	int sig;
+	struct sigaction act;
 	int n = pipe(signal_pipe);
 	assert(!n);
 
@@ -149,6 +152,22 @@ signal_handler_init(void)
 	signal_SIGCHLD_handler = NULL;
 	signal_SIGUSR1_handler = NULL;
 	signal_SIGUSR2_handler = NULL;
+
+	/* Ignore all signals by default (except essential ones) */
+	sigfillset(&sset);
+	sigdelset(&sset, SIGILL);
+	sigdelset(&sset, SIGFPE);
+	sigdelset(&sset, SIGSEGV);
+	sigdelset(&sset, SIGBUS);
+	sigdelset(&sset, SIGKILL);
+	sigdelset(&sset, SIGSTOP);
+	act.sa_handler = SIG_IGN;
+	sigemptyset(&act.sa_mask);
+	act.sa_flags = 0;
+	for (sig = 1; sig <= SIGRTMAX; sig++) {
+		if (sigismember(&sset, sig))
+			sigaction(sig, &act, NULL);
+	}
 }
 
 void
-- 
1.7.12.1