Robert Elz <kre@munnari.OZ.AU> writes:

> As if a setuid program would have one thread running privileged, and
> another running user supplied code as the user (and still be worried
> enough about security to care about a race like that).

Well, it is the same mechanism as receiving a signal
immediately between magic_next_syscall() and the signal
handler... what happens to the very first syscall in the
signal handler?  (i.e. magic_next_syscall becomes
complicated to avoid any race condition, and in practical
terms becomes identical to a flag given to an atomic
syscall anyway.)

        Sean.