This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] Error checking for SETXID (bug 13347)

From: Florian Weimer <fweimer at redhat dot com>
To: Rich Felker <dalias at aerifal dot cx>
Cc: "Joseph S. Myers" <joseph at codesourcery dot com>, GNU C Library <libc-alpha at sourceware dot org>
Date: Thu, 27 Mar 2014 14:38:54 +0100
Subject: Re: [PATCH] Error checking for SETXID (bug 13347)
Authentication-results: sourceware.org; auth=none
References: <53304186 dot 4000909 at redhat dot com> <Pine dot LNX dot 4 dot 64 dot 1403241516210 dot 6513 at digraph dot polyomino dot org dot uk> <53305247 dot 7070605 at redhat dot com> <20140324182208 dot GV26358 at brightrain dot aerifal dot cx>

On 03/24/2014 07:22 PM, Rich Felker wrote:

It is a critical security flaw to have multiple tasks
(threads/processes) running in the same virtual address space with
different privileges. I have described potential attacks for this
situation before; I could lookup the references if you care.

I think you are wrong—the kernel does it all the time. It is okay aslong as you can control what code you run.

We already support it through setfsuid/setfsgid, which is per-thread,not per-process.


--
Florian Weimer / Red Hat Product Security Team

Follow-Ups:
- Re: [PATCH] Error checking for SETXID (bug 13347)
  - From: Rich Felker

References:
- [PATCH] Error checking for SETXID (bug 13347)
  - From: Florian Weimer
- Re: [PATCH] Error checking for SETXID (bug 13347)
  - From: Joseph S. Myers
- Re: [PATCH] Error checking for SETXID (bug 13347)
  - From: Florian Weimer
- Re: [PATCH] Error checking for SETXID (bug 13347)
  - From: Rich Felker

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]