| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 20 Aug 2006 18:45:15 +0200 From: Arjan van de Ven <arjan@...radead.org> To: Ulrich Drepper <drepper@...hat.com> Cc: Solar Designer <solar@...nwall.com>, Alex Riesen <fork0@...rs.sourceforge.net>, Willy Tarreau <wtarreau@...a.kernel.org>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] set*uid() must not fail-and-return on OOM/rlimits On Sun, 2006-08-20 at 09:28 -0700, Ulrich Drepper wrote: > Arjan van de Ven wrote: > > sounds like a good argument to get the setuid functions marked > > __must_check in glibc... > > There are too many false positives. E.g., in a SUID binaries switching > back from a non-root UID to root will not fail. that is not entirely clear; there is apparently a memory allocation in this codepath which can fail (the patch in this thread is patching that)..... > Very common. > -- if you want to mail me at work (you don't), use arjan (at) linux.intel.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists