On Mon, 26 Aug 2002, Zheng Jian-Ming wrote:
> POSIX states that the credentials (uid, gid, capabilities, etc.) are
> process-wide. So when one thread within the process changes some part
> of the credentials, all threads see the change.
>
> But, the credentials are per-task in Linux, so it's possible to have
> two tasks in a process running under different UIDs.
>
> It may have problems when we change UID/GID in one task within the
> thread group.
>
> How to deal with it? Will Linux kernel move credentials into a shared
> structure?
There was some piece of work on that, done by Dave McCracken. But it
lately had this "little security hole you could drive a big yellow truck
with flashlights on through" problem...
I personally like the task->cred->cr_uid, etc. approach. Helps a lot.
Thunder
-- --./../...-/. -.--/---/..-/.-./..././.-../..-. .---/..-/.../- .- --/../-./..-/-/./--..-- ../.----./.-../.-.. --./../...-/. -.--/---/..- .- -/---/--/---/.-./.-./---/.--/.-.-.- --./.-/-.../.-./.././.-../.-.-.-- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/