[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <51B754D6.6010606@mit.edu>
Date: Tue, 11 Jun 2013 09:48:22 -0700
From: Andy Lutomirski <luto@....EDU>
To: vcaputo@...generation.com
CC: linux-kernel@...r.kernel.org
Subject: Re: adopt(pid_t pid) syscall proposal [patch included]
On 06/10/2013 06:23 PM, vcaputo@...generation.com wrote:
> + if (!uid_eq(cred->euid, tcred->suid) &&
> + !uid_eq(cred->euid, tcred->uid) &&
> + !uid_eq(cred->uid, tcred->suid) &&
> + !uid_eq(cred->uid, tcred->uid) &&
> + !ns_capable(cred->user_ns, CAP_KILL)) {
> + ret = -EPERM;
> + goto out_unlock;
> + }
> +
That check's far too permissive.
This sounds like it will break anything that uses wait and expects its
children to not be stolen out from under it.
Also, you'll have problems with screen -x or the default tmux shareable
configuration. It sounds like this is better done in userspace.
--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists