lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20101004100920.GH5189@cr0.nay.redhat.com>
Date:	Mon, 4 Oct 2010 18:09:20 +0800
From:	Américo Wang <xiyou.wangcong@...il.com>
To:	Mark Heily <mark@...ly.com>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: PROBLEM: setgroups(2) does not update all threads in a process

On Fri, Oct 01, 2010 at 11:11:31PM -0400, Mark Heily wrote:
>
>The setgroups(2) system call does not update the credentials for all
>threads in a process. Instead, it only updates the credentials for
>the currently executing thread. Any threads that were created before
>setgroups() was called are not affected.
>
>This is not the expected behavior according to the manpage, which states:
>
>    "setgroups()  sets  the supplementary group IDs for the calling process."
>
>See below for a small test case that demonstrates the problem. This
>program runs successfully on FreeBSD 8 and Solaris 10, but fails on
>Linux 2.6.32.

I got the following from credentials(7):

       The POSIX threads specification requires that credentials are shared by all of
       the threads in a process.  However, at the kernel level, Linux maintains
       separate user and group credentials for each thread.  The NPTL threading
       implementation does some work to ensure that any change to user or group
       credentials (e.g., calls to setuid(2), setresuid(2), etc.)  is carried through
       to all of the POSIX threads in a process.

Hope it helps.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ