| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <200608201847.05707.mb@bu3sch.de> Date: Sun, 20 Aug 2006 18:47:05 +0200 From: Michael Buesch <mb@...sch.de> To: Ulrich Drepper <drepper@...hat.com> Cc: Solar Designer <solar@...nwall.com>, Alex Riesen <fork0@...rs.sourceforge.net>, Willy Tarreau <wtarreau@...a.kernel.org>, linux-kernel@...r.kernel.org, Arjan van de Ven <arjan@...radead.org> Subject: Re: [PATCH] set*uid() must not fail-and-return on OOM/rlimits On Sunday 20 August 2006 18:28, Ulrich Drepper wrote: > Arjan van de Ven wrote: > > sounds like a good argument to get the setuid functions marked > > __must_check in glibc... > > There are too many false positives. E.g., in a SUID binaries switching > back from a non-root UID to root will not fail. Very common. Well, I would say it clearly depends on the actual kernel implementation if that can fail or not. So userspace should really always check. -- Greetings Michael. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists