tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [RFC] getgroups2 system call

On Wed, Dec 14, 2011 at 02:00:49PM +0000, Emmanuel Dreyfus wrote:
> On Wed, Dec 14, 2011 at 08:55:35AM -0500, Thor Lancelot Simon wrote:
> > So, um, whoever "considers" it that way -- they understand there are
> > security impliations to not doing it some other way?
> Not quite. But BTW, what are the security implication? The only case
> I can think of is a thread doing a file operation while another one
> does a setgroups(2). Usual filesystem semantics require the operation 
> to be evaluated against older groups, but it maybe evaluated with newer
> ones.

I suspect the same condition is possible with nonblocking I/O.  But
the most obvious problem is that this can cause a program that tries
to drop privileges before doing a file operation to do so _after_ doing
the file operation.  There are probably several other similar issues.


Home | Main Index | Thread Index | Old Index