public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "bugdal at aerifal dot cx" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sources.redhat.com
Subject: [Bug nptl/13347] Threaded setuid() can wrongly report success when failing to drop privileges
Date: Tue, 24 Jul 2012 23:04:00 -0000 [thread overview]
Message-ID: <bug-13347-131-noeUiFOs2N@http.sourceware.org/bugzilla/> (raw)
In-Reply-To: <bug-13347-131@http.sourceware.org/bugzilla/>
http://sourceware.org/bugzilla/show_bug.cgi?id=13347
--- Comment #5 from Rich Felker <bugdal at aerifal dot cx> 2012-07-24 23:04:20 UTC ---
By the user, I assume you mean the calling application. The problem is that
there's no established way to report "something beyond your control went
horribly wrong and you're in an inconsistent state" to the application. You can
report failure, but applications are likely to assume this means the call had
no effect, not that it had a partial effect.
Ultimately, Linux should add a proper setuid syscall that affects all threads
of the current process (thread group) atomically, and glibc should use that if
it's available and only fallback to the ugly method currently in use on older
kernels that don't provide the new syscall.
Anyway I'll start out with a patch to make it report failure, and see where
things go from there...
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
next prev parent reply other threads:[~2012-07-24 23:04 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-26 3:33 [Bug nptl/13347] New: " bugdal at aerifal dot cx
2012-03-17 20:38 ` [Bug nptl/13347] " bugdal at aerifal dot cx
2012-04-29 3:03 ` bugdal at aerifal dot cx
2012-04-29 17:00 ` ppluzhnikov at google dot com
2012-07-24 14:52 ` carlos_odonell at mentor dot com
2012-07-24 14:56 ` fweimer at redhat dot com
2012-07-24 18:15 ` bugdal at aerifal dot cx
2012-07-24 18:35 ` carlos_odonell at mentor dot com
2012-07-24 23:04 ` bugdal at aerifal dot cx [this message]
2012-07-25 2:20 ` carlos_odonell at mentor dot com
2012-12-03 23:57 ` carlos at systemhalted dot org
2014-03-24 13:57 ` fweimer at redhat dot com
2014-03-24 15:19 ` bugdal at aerifal dot cx
2014-03-24 18:32 ` carlos at redhat dot com
2014-04-01 10:13 ` cvs-commit at gcc dot gnu.org
2014-04-01 11:54 ` joseph at codesourcery dot com
2014-04-01 12:21 ` fweimer at redhat dot com
2014-04-01 12:21 ` cvs-commit at gcc dot gnu.org
2014-06-27 11:43 ` fweimer at redhat dot com
2014-06-27 13:15 ` bugdal at aerifal dot cx
2014-07-09 10:26 ` fweimer at redhat dot com
2014-07-22 12:35 ` fweimer at redhat dot com
2014-07-22 12:57 ` bugdal at aerifal dot cx
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-13347-131-noeUiFOs2N@http.sourceware.org/bugzilla/ \
--to=sourceware-bugzilla@sourceware.org \
--cc=glibc-bugs@sources.redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).