[PATCH] Error checking for SETXID (bug 13347)
Florian Weimer
fweimer@redhat.com
Mon Mar 24 15:42:00 GMT 2014
On 03/24/2014 04:19 PM, Joseph S. Myers wrote:
> On Mon, 24 Mar 2014, Florian Weimer wrote:
>
>> Check for syscall error in the SETXID implementation in NPTL (bug 13347).
>>
>> At this point, we can only abort the process because we have already switched
>> credentials on other threads. Returning an error would still leave the
>> process in an inconsistent state.
>
> This may be the best possible in the absence of a kernel interface for
> setting ids atomically for the whole process, but such an interface would
> be the desired long-term fix, with aborting from the present code just a
> fallback - is there ongoing work to agree such an interface?
As far as I know, the credentials switching work goes in the other
direction, providing additional per-thread credentials to glibc-based
userspace:
<http://thread.gmane.org/gmane.linux.file-systems/81751>
Probably like most kernel developers, I'm not convinced that the POSIX
semantics are useful.
--
Florian Weimer / Red Hat Product Security Team
More information about the Libc-alpha
mailing list