[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALCETrXbN1vgTNJB2UGeDvxJ+pwsqO1dOfea5Crs4As1A8dKUg@mail.gmail.com>
Date: Thu, 27 Mar 2014 09:21:22 -0700
From: Andy Lutomirski <luto@...capital.net>
To: Florian Weimer <fweimer@...hat.com>
Cc: Serge Hallyn <serge.hallyn@...ntu.com>,
Jim Lieb <jlieb@...asas.com>,
"Eric W. Biederman" <ebiederm@...ssion.com>,
LSM List <linux-security-module@...r.kernel.org>,
"Serge E. Hallyn" <serge@...onical.com>,
Kees Cook <keescook@...omium.org>,
Linux FS Devel <linux-fsdevel@...r.kernel.org>,
"Theodore Ts'o" <tytso@....edu>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
bfields@...hat.com, Jeff Layton <jlayton@...hat.com>
Subject: Re: Thoughts on credential switching
On Thu, Mar 27, 2014 at 8:41 AM, Florian Weimer <fweimer@...hat.com> wrote:
> On 03/27/2014 02:01 AM, Andy Lutomirski wrote:
>
>> Essentially, it's a performance problem. knfsd has override_creds,
>> and it can cache struct cred. But userspace doing the same thing
>> (i.e. impersonating a user) has to do setresuid, setresgid, and
>> setgroups, which kills performance, since it results in something like
>> five RCU callbacks per impersonation round-trip.
>
>
> Do you mean setfsuid instead of setresuid?
No, but I should have given context. setfsuid sucks, since its return
value is garbage. It's also pointless nowadays, since setresuid can
be used to sanely change only the effective uid, and doing so should
be secure.
See: http://article.gmane.org/gmane.linux.kernel/1540880
--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists