On Thu, Jul 20, 2006 at 12:56:05PM +0900, YAMAMOTO Takashi wrote:

> > > > - Always make p->p_cred a private copy before modifying.
> > > > - Share credentials among processes when forking.
> > > 
> > > do you have a plan to add some locking?
> > > "p->p_cred = kauth_cred_copy(p->p_cred);" is not safe
> > > as kauth_cred_copy can sleep.
> > 
> > The change to per-LWP creds will solve this problem for the most part. I
> > hope to make those changes in the next day or two.
> 
> consider a process which has lwpA and lwpB.
> if lwpA does setuid while lwpB does setgid, one of their changes
> can be overwritten.

I'd somehow managed to convince myself that we could get away with that.
I'll put a fix in place when within a few days.

Andrew