Ignore signals sent by the command's process group, not just the

command itself.  If we cannot determine the process group ID of the
sender (as it may no longer exist), just check the process ID.

src/exec.c

@@ -865,13 +865,20 @@ handler(int s, siginfo_t *info, void *context)
     unsigned char signo = (unsigned char)s;
 
     /*
-     * If the signal came from the command we ran, just ignore
+     * Do not forward signals sent by a process in the command's process
-     * it since we don't want the child to indirectly kill itself.
+     * group, do not forward it as we don't want the child to indirectly
-     * This can happen with, e.g. BSD-derived versions of reboot
+     * kill itself.  For example, this can happen with some versions of
-     * that call kill(-1, SIGTERM) to kill all other processes.
+     * reboot that call kill(-1, SIGTERM) to kill all other processes.
      */
-    if (info != NULL && info->si_code == SI_USER && info->si_pid == cmnd_pid)
+    if (info != NULL && info->si_code == SI_USER) {
+	pid_t si_pgrp = getpgid(info->si_pid);
+	if (si_pgrp != (pid_t)-1) {
+	    if (si_pgrp == ppgrp || si_pgrp == cmnd_pid)
 		return;
+	} else if (info->si_pid == cmnd_pid) {
+		return;
+	}
+    }
 
     /*
      * The pipe is non-blocking, if we overflow the kernel's pipe
@@ -910,14 +917,24 @@ static void
 handler_user_only(int s, siginfo_t *info, void *context)
 {
     unsigned char signo = (unsigned char)s;
+    pid_t si_pgrp;
 
     /*
-     * Only forward user-generated signals not sent by the command.
+     * Only forward user-generated signals not sent by a process in
-     * Signals sent by the kernel may include SIGTSTP when the user
+     * the command's own process group.  Signals sent by the kernel
-     * presses ^Z.  Curses programs often trap ^Z and send SIGTSTP
+     * may include SIGTSTP when the user presses ^Z.  Curses programs
-     * to their pgrp, so we don't want to send an extra SIGTSTP.
+     * often trap ^Z and send SIGTSTP to their own pgrp, so we don't
+     * want to send an extra SIGTSTP.
      */
-    if (info != NULL && info->si_code == SI_USER && info->si_pid != cmnd_pid) {
+    if (info == NULL || info->si_code != SI_USER)
+	return;
+    if ((si_pgrp = getpgid(info->si_pid)) != (pid_t)-1) {
+	if (si_pgrp == ppgrp || si_pgrp == cmnd_pid)
+	    return;
+    } else if (info->si_pid == cmnd_pid) {
+	    return;
+    }
+
     /*
      * The pipe is non-blocking, if we overflow the kernel's pipe
      * buffer we drop the signal.  This is not a problem in practice.
@@ -926,7 +943,6 @@ handler_user_only(int s, siginfo_t *info, void *context)
 	if (errno != EINTR)
 	    break;
     }
-    }
 }
 #endif /* SA_SIGINFO */
 

src/exec_pty.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009-2013 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2009-2014 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -136,13 +136,20 @@ mon_handler(int s, siginfo_t *info, void *context)
     unsigned char signo = (unsigned char)s;
 
     /*
-     * If the signal came from the command we ran, just ignore
+     * If the signal came from the process group of the command we ran,
-     * it since we don't want the command to indirectly kill itself.
+     * do not forward it as we don't want the child to indirectly kill
-     * This can happen with, e.g. BSD-derived versions of reboot
+     * itself.  This can happen with, e.g., BSD-derived versions of
-     * that call kill(-1, SIGTERM) to kill all other processes.
+     * reboot that call kill(-1, SIGTERM) to kill all other processes.
      */
-    if (info != NULL && info->si_code == SI_USER && info->si_pid == cmnd_pid)
+    if (info != NULL && info->si_code == SI_USER) {
+	pid_t si_pgrp = getpgid(info->si_pid);
+	if (si_pgrp != (pid_t)-1) {
+	    if (si_pgrp == cmnd_pgrp)
 		return;
+	} else if (info->si_pid == cmnd_pid) {
+		return;
+	}
+    }
 
     /*
      * The pipe is non-blocking, if we overflow the kernel's pipe