Subject: Re: CVS commit: src/sys/kern
To: YAMAMOTO Takashi <firstname.lastname@example.org>
From: Andrew Doran <ad@NetBSD.org>
Date: 07/21/2006 00:09:31
On Thu, Jul 20, 2006 at 12:56:05PM +0900, YAMAMOTO Takashi wrote:
> > > > - Always make p->p_cred a private copy before modifying.
> > > > - Share credentials among processes when forking.
> > >
> > > do you have a plan to add some locking?
> > > "p->p_cred = kauth_cred_copy(p->p_cred);" is not safe
> > > as kauth_cred_copy can sleep.
> > The change to per-LWP creds will solve this problem for the most part. I
> > hope to make those changes in the next day or two.
> consider a process which has lwpA and lwpB.
> if lwpA does setuid while lwpB does setgid, one of their changes
> can be overwritten.
I'd somehow managed to convince myself that we could get away with that.
I'll put a fix in place when within a few days.