This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Error checking for SETXID (bug 13347)
- From: Florian Weimer <fweimer at redhat dot com>
- To: Rich Felker <dalias at aerifal dot cx>
- Cc: "Joseph S. Myers" <joseph at codesourcery dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Thu, 27 Mar 2014 14:38:54 +0100
- Subject: Re: [PATCH] Error checking for SETXID (bug 13347)
- Authentication-results: sourceware.org; auth=none
- References: <53304186 dot 4000909 at redhat dot com> <Pine dot LNX dot 4 dot 64 dot 1403241516210 dot 6513 at digraph dot polyomino dot org dot uk> <53305247 dot 7070605 at redhat dot com> <20140324182208 dot GV26358 at brightrain dot aerifal dot cx>
On 03/24/2014 07:22 PM, Rich Felker wrote:
It is a critical security flaw to have multiple tasks
(threads/processes) running in the same virtual address space with
different privileges. I have described potential attacks for this
situation before; I could lookup the references if you care.
I think you are wrong—the kernel does it all the time. It is okay as
long as you can control what code you run.
We already support it through setfsuid/setfsgid, which is per-thread,
not per-process.
--
Florian Weimer / Red Hat Product Security Team