From: Trond Myklebust <trond.myklebust@fys.uio.no>
To: Chris Wedgwood <cw@f00f.org>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>,
Thunder from the hill <thunder@lightweight.ods.org>,
Zheng Jian-Ming <zjm@cis.nctu.edu.tw>,
linux-kernel@vger.kernel.org
Subject: Re: problems with changing UID/GID
Date: 27 Aug 2002 21:35:10 +0200
Message-ID: <shsvg5wqemp.fsf@charged.uio.no>
In-Reply-To: <20020827075426.GA6696@tapu.f00f.org>
>>>>> " " == Chris Wedgwood <cw@f00f.org> writes:
> On Mon, Aug 26, 2002 at 06:16:59PM +0100, Alan Cox wrote:
> > It changes the whole semantics of every security test in
> > Linux, and breaks most of them totally. Our syscalls know
> > the uid is constant during the call
>
> Could we not (eventually) have CLONE_CREDs and then lock using
> task->cred->lock or whatever? Or might there be cases where
> this will deadlock? It does mean set[eu]id will have to wait
> for other threads and IO to complete... no matter how long that
> takes, but other than that might it be reasonable?

Locking does absolutely nothing for the problem of checking file
access with one set of credentials, and then doing the subsequent file
operation with another set of credentials.

->permission(), ->lookup(), ->create(), ->read(), etc. may all sleep,
giving some alternate thread ample time to change uid/gid/... behind
your back.

Cheers,
Trond
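
The check-then-use race described in this message, as an added user-space model (not code from the thread or from the kernel). All names are hypothetical, the hook stands in for a sibling thread that runs while the call sleeps, and the per-call snapshot is an illustrative mitigation that the message itself does not propose.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model only: every name here is hypothetical, none is a kernel API. */
struct cred { unsigned uid; };
struct task { struct cred *shared; };   /* one cred object shared by all threads */
struct op_result { int rc; unsigned checked_uid, acting_uid; };

/* Stands in for "another thread gets scheduled while this call sleeps". */
typedef void (*sleep_hook)(struct task *);

static bool may_access(const struct cred *c, unsigned owner) {
    return c->uid == 0 || c->uid == owner;
}

/* Racy: the check and the operation each read the shared credentials. */
struct op_result op_racy(struct task *t, unsigned owner, sleep_hook asleep) {
    struct op_result r = { -1, t->shared->uid, t->shared->uid };
    if (!may_access(t->shared, owner)) return r;
    if (asleep) asleep(t);               /* ->permission(), ->lookup() ... may sleep */
    r.acting_uid = t->shared->uid;       /* operation runs with whatever is there now */
    r.rc = 0;
    return r;
}

/* Snapshot: one private copy of the credentials serves the whole call. */
struct op_result op_snapshot(struct task *t, unsigned owner, sleep_hook asleep) {
    const struct cred snap = *t->shared;
    struct op_result r = { -1, snap.uid, snap.uid };
    if (!may_access(&snap, owner)) return r;
    if (asleep) asleep(t);               /* the shared object may still change */
    r.acting_uid = snap.uid;             /* but this call never looks at it again */
    r.rc = 0;
    return r;
}

/* Constructed scenario: a sibling thread drops from uid 0 to uid 1000. */
void sibling_setuid_1000(struct task *t) { t->shared->uid = 1000; }

int main(void) {
    struct cred c = { 0 };
    struct task t = { &c };
    struct op_result a = op_racy(&t, 0, sibling_setuid_1000);
    c.uid = 0;
    struct op_result b = op_snapshot(&t, 0, sibling_setuid_1000);
    printf("racy: checked %u, acted %u\n", a.checked_uid, a.acting_uid);
    printf("snapshot: checked %u, acted %u\n", b.checked_uid, b.acting_uid);
    return 0;
}
```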