[PATCH] Error checking for SETXID (bug 13347)

Florian Weimer fweimer@redhat.com
Mon Mar 24 15:42:00 GMT 2014


On 03/24/2014 04:19 PM, Joseph S. Myers wrote:
> On Mon, 24 Mar 2014, Florian Weimer wrote:
>
>> Check for syscall error in the SETXID implementation in NPTL (bug 13347).
>>
>> At this point, we can only abort the process because we have already switched
>> credentials on other threads.  Returning an error would still leave the
>> process in an inconsistent state.
>
> This may be the best possible in the absence of a kernel interface for
> setting ids atomically for the whole process, but such an interface would
> be the desired long-term fix, with aborting from the present code just a
> fallback - is there ongoing work to agree such an interface?

As far as I know, the credentials switching work goes in the other 
direction, providing additional per-thread credentials to glibc-based 
userspace:

   <http://thread.gmane.org/gmane.linux.file-systems/81751>

Probably like most kernel developers, I'm not convinced that the POSIX 
semantics are useful.

-- 
Florian Weimer / Red Hat Product Security Team



More information about the Libc-alpha mailing list