| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 May 2012 08:22:36 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Maciej Żenczykowski <zenczykowski@...il.com>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
James Morris <jmorris@...ei.org>, neilb@...e.de,
Vasiliy Kulikov <segoon@...nwall.com>
Subject: Re: setuid and RLIMIT_NPROC and 3.1+
On Mon, May 7, 2012 at 3:06 AM, Maciej Żenczykowski
<zenczykowski@...il.com> wrote:
>
> Having read the commit in question I get what it is trying to prevent,
> but perhaps the setuid call should still be returning an error code
> [E2BIG? EBUSY? EOVERFLOW? ENAVAIL?] for those programs that do bother
> to check, even though it would 'succeed' in changing uid?
>
> (In my case there is no exec following the setuid...)
But that means that in your case the setuid() did actually succeed.
So you didn't get an error return, and the setuid() actually worked.
Only a later exec() would cause an error, but since you didn't do an
exec(), everything should be perfectly fine.
So returning an error would actually be confusing: it would make the
caller think that the setuid() failed and that you're still running
with the old uid. But it isn't.
So can you explain what the problem is for your workload? As far as I
can tell, it should all work perfectly well.
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists