From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 14040 invoked by alias); 1 Apr 2014 10:13:56 -0000 Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: glibc-bugs-owner@sourceware.org Received: (qmail 13983 invoked by uid 55); 1 Apr 2014 10:13:52 -0000 From: "cvs-commit at gcc dot gnu.org" To: glibc-bugs@sourceware.org Subject: [Bug nptl/13347] Threaded setuid() can wrongly report success when failing to drop privileges Date: Tue, 01 Apr 2014 10:13:00 -0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: nptl X-Bugzilla-Version: unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: cvs-commit at gcc dot gnu.org X-Bugzilla-Status: ASSIGNED X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: fweimer at redhat dot com X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-SW-Source: 2014-04/txt/msg00003.txt.bz2 https://sourceware.org/bugzilla/show_bug.cgi?id=13347 --- Comment #9 from cvs-commit at gcc dot gnu.org --- This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU C Library master sources". The branch, master has been updated via 13f7fe35ae2b0ea55dc4b9628763aafdc8bdc30c (commit) from c859b32e9d76afe8a3f20bb9528961a573c06937 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=13f7fe35ae2b0ea55dc4b9628763aafdc8bdc30c commit 13f7fe35ae2b0ea55dc4b9628763aafdc8bdc30c Author: Florian Weimer Date: Mon Mar 24 15:24:02 2014 +0100 Check for syscall error in the SETXID implementation in NPTL (bug 13347). At this point, we can only abort the process because we have already switched credentials on other threads. Returning an error would still leave the process in an inconsistent state. The new xtest needs root privileges to run. ----------------------------------------------------------------------- Summary of changes: ChangeLog | 7 +++ nptl/Makefile | 3 +- nptl/nptl-init.c | 9 +++- nptl/tst-setuid2.c | 145 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 161 insertions(+), 3 deletions(-) create mode 100644 nptl/tst-setuid2.c -- You are receiving this mail because: You are on the CC list for the bug.