From mboxrd@z Thu Jan 1 00:00:00 1970 From: ebiederm@xmission.com (Eric W. Biederman) Subject: Re: [PATCH 3/3] p9auth: add p9auth driver Date: Wed, 21 Apr 2010 12:15:27 -0700 Message-ID: References: <20100421012749.GA21338@us.ibm.com> <20100421012908.GB24251@us.ibm.com> <20100421102739.6ad932fb@lxorguk.ukuu.org.uk> <20100421133917.GB16326@us.ibm.com> <20100421151917.5ae20265@lxorguk.ukuu.org.uk> <20100421150900.GB31880@us.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: In-Reply-To: <20100421150900.GB31880@us.ibm.com> (Serge E. Hallyn's message of "Wed\, 21 Apr 2010 10\:09\:00 -0500") Sender: linux-security-module-owner@vger.kernel.org To: "Serge E. Hallyn" Cc: Alan Cox , lkml , David Howells , Ashwin Ganti , Greg KH , rsc@swtch.com, ericvh@gmail.com, linux-security-module@vger.kernel.org, Ron Minnich , jt.beard@gmail.com, Andrew Morton , Andrew Morgan , oleg@us.ibm.com, Eric Paris , linux-api@vger.kernel.org, Randy Dunlap List-Id: linux-api@vger.kernel.org "Serge E. Hallyn" writes: > Ignoring namespaces for a moment, I guess we could do something like > > struct credentials_pass { > pid_t global_pid; > unsigned long unique_id; > uid_t new_uid; > gid_t new_gid; > int num_aux_gids; > gid_t aux_gids[]; > } This looks surprising like what I am doing in passing uids and pids through unix domain sockets. So if this looks like a direction we want to go it shouldn't be too difficult. >> That also btw needs fixing for other reasons - more than one daemon has >> been written that generically uses recvmsg and so can be attacked with FD >> leaks >-) > > Yup. > > (By 'needs fixing' you just mean needs to be done right for this > service? Else I think I'm missing something...) Remember my unix domain socket and the patch for converting struct cred into a new context, from a month or so ago. I think that is what we are talking about. Eric