This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
On Tuesday 24 July 2012 07:58:28 Florian Weimer wrote:
On Linux (except very current versions without funky security modules), set*uid can fail with EAGAIN when RLIMIT_NPROC would be exceeded. Missing return value checks are known to result in privilege escalation vulnerabilities. It is a common coding error to call setuid before setgid, so that the setgid fails, and checking for the setgid result should prevent this mistake from going unnoticed. Therefore, I think it makes sense to add the attribute to both groups of functions.
SGTM
-- Florian Weimer / Red Hat Product Security Team
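
The checks discussed in this message, written out as a privilege-drop routine. This is an added example and not part of the original message or of glibc; `drop_privileges` is a hypothetical helper, and marking it with GCC/Clang's `warn_unused_result` is an assumption about which attribute the message refers to.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently switch to uid/gid.
 * Returns 0 on success, -1 on failure; on -1 the caller must exit rather
 * than keep running with the old IDs. warn_unused_result makes GCC and
 * Clang warn when a caller drops the return value. */
__attribute__((warn_unused_result))
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Group first: after setuid() succeeds the process no longer has the
     * privilege to change its GID, so the reverse order leaves the old
     * group in place. */
    if (setgid(gid) != 0) {
        fprintf(stderr, "setgid(%ld): %s\n", (long)gid, strerror(errno));
        return -1;
    }
    /* Per the message above, set*uid can fail with EAGAIN on Linux when
     * RLIMIT_NPROC would be exceeded; an unchecked failure leaves the
     * process privileged. */
    if (setuid(uid) != 0) {
        fprintf(stderr, "setuid(%ld): %s\n", (long)uid, strerror(errno));
        return -1;
    }
    /* Confirm the outcome instead of trusting the calls alone. */
    if (getgid() != gid || getegid() != gid ||
        getuid() != uid || geteuid() != uid) {
        fprintf(stderr, "IDs not as requested after drop\n");
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed usage: a set-user-ID program returning to the invoking
     * user's real IDs. Supplementary groups are not handled here. */
    if (drop_privileges(getuid(), getgid()) != 0)
        return 1;               /* fail closed */
    printf("running as uid=%ld gid=%ld\n", (long)getuid(), (long)getgid());
    return 0;
}
```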