Re: setuid/pthread interaction broken? 'clone_with_uid()?'

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Dave McCracken <dmccr@us.ibm.com>
To: bert hubert <ahu@ds9a.nl>, linux-kernel@vger.kernel.org
Cc: drepper@redhat.com, torvalds@transmeta.com
Subject: Re: setuid/pthread interaction broken? 'clone_with_uid()?'
Date: Thu, 14 Feb 2002 10:00:47 -0600	[thread overview]
Message-ID: <38300000.1013702447@baldur> (raw)
In-Reply-To: <20020214165143.A16601@outpost.ds9a.nl>
In-Reply-To: <20020214165143.A16601@outpost.ds9a.nl>

--On Thursday, February 14, 2002 16:51:43 +0100 bert hubert <ahu@ds9a.nl>
wrote:

> When a process first issues setuid() and then goes on to create threads,
> those threads run under the setuid() uid - all is well. 
> 
> However,  once the first thread is created, only the thread calling
> setuid() gets setuid in fact. All new threads continue to be created as
> root.
> 
> This behaviour exists under 2.2.18 with glibc 2.1.3 and under 2.4.17 with
> glibc 2.2.5, and is shown using the brief program attached.
> 
> Is this by design? It appears that all threads created get the uid of the
> thread manager process.

It's the expected behavior for a task-based model like Linux.  Each task is
independent and inherits the uid/gid from whoever called clone().  It's
just one of several resources that are specified as process-wide in POSIX,
but are per-task in Linux.

I've been working on a patch to allow clone() to specify shared
credentials, but it's been on the back burner.

Dave McCracken

======================================================================
Dave McCracken          IBM Linux Base Kernel Team      1-512-838-3059
dmccr@us.ibm.com                                        T/L   678-3059

next prev parent reply	other threads:[~2002-02-14 16:01 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-02-14 15:51 setuid/pthread interaction broken? 'clone_with_uid()?' bert hubert
2002-02-14 16:00 ` Dave McCracken [this message]
2002-02-14 16:07   ` bert hubert
2002-02-14 16:19     ` Dave McCracken
2002-02-14 17:05       ` bert hubert
2002-02-14 17:14         ` Dave McCracken

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=38300000.1013702447@baldur \
    --to=dmccr@us.ibm.com \
    --cc=ahu@ds9a.nl \
    --cc=drepper@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=torvalds@transmeta.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox