by grodriguez100 824 days ago
> One of the fixes this release is untrainable SIGKILLs programs for illegal memory accesses, which is a perfectly boring and sensible security practice

The signal raised for page faults should be (and actually was, before 14.4) SIGSEGV, and not SIGKILL. This behaviour is even defined by POSIX.

There is no reason why this should change, especially not in the final release instead of in the public betas and early access releases (where the change was not present).

1 comments

To clarify so that I’m not responding incompletely, are we seeing all page faults, i.e. process swapped to disk, now raise SIGKILL — or is this behavior reserved only for certain page faults, i.e. out-of-bounds and permission-denied (R^X) accesses?

The former would be a catastrophic defect and probably result in the release being pulled from distribution.

The latter would be a new classification of certain kinds of page faults as “safe” and “unsafe”, and only the safe ones are allowed to comply with POSIX signal handling. Perhaps they’ll propose an update to POSIX now that the zero day response has shipped.
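A small probe for the distinction this thread turns on, added here as an example and not code from either commenter: a child process installs handlers, writes to an address it has just unmapped, and the parent reports whether the fault arrived as a catchable SIGSEGV (or SIGBUS) or as an untrappable SIGKILL. The names `probe_unmapped_write` and `fault_result` are hypothetical, and the probe covers only the unmapped-address case.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* How the child's invalid write was reported to it (names are hypothetical). */
enum fault_result { FAULT_TRAPPED_SEGV, FAULT_TRAPPED_BUS, FAULT_KILLED, FAULT_OTHER };

/* Handler uses only async-signal-safe _exit(); the exit code encodes the signal. */
static void on_fault(int sig) { _exit(sig == SIGSEGV ? 42 : 43); }

/* Fork a child, fault in it on purpose, classify the outcome in the parent. */
enum fault_result probe_unmapped_write(void) {
    pid_t pid = fork();
    if (pid < 0) return FAULT_OTHER;
    if (pid == 0) {
        struct sigaction sa;
        memset(&sa, 0, sizeof sa);
        sa.sa_handler = on_fault;
        sigemptyset(&sa.sa_mask);
        sigaction(SIGSEGV, &sa, NULL);
        sigaction(SIGBUS, &sa, NULL);
        size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
        void *m = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                       MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (m == MAP_FAILED) _exit(1);
        munmap(m, pagesz);            /* the page is now unmapped */
        *(volatile char *)m = 1;      /* invalid write: should fault */
        _exit(0);                     /* reached only if no fault occurred */
    }
    int status;
    if (waitpid(pid, &status, 0) != pid) return FAULT_OTHER;
    if (WIFEXITED(status)) {          /* a handler ran and exited for us */
        if (WEXITSTATUS(status) == 42) return FAULT_TRAPPED_SEGV;
        if (WEXITSTATUS(status) == 43) return FAULT_TRAPPED_BUS;
    }
    if (WIFSIGNALED(status) && WTERMSIG(status) == SIGKILL) return FAULT_KILLED;
    return FAULT_OTHER;
}

int main(void) {
    static const char *names[] = { "trapped SIGSEGV", "trapped SIGBUS", "SIGKILL", "other" };
    printf("unmapped write -> %s\n", names[probe_unmapped_write()]);
    return 0;
}
```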