This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
On 03/27/2014 04:21 PM, Rich Felker wrote:
We already support it through setfsuid/setfsgid, which is per-thread, not per-process.The whole reason you're changing uids is because you can't be sure about what code you run;
Ah, no, you can also change credentials to impersonate a user and access resources with the privileges of that user. A file server does this, for example.
-- Florian Weimer / Red Hat Product Security Team
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |