Date: Tue, 1 Oct 2019 07:44:00 -0400 From: Rich Felker <dalias@...c.org> To: musl@...ts.openwall.com, Joshua Hudson <joshudson@...il.com> Subject: Re: Re: Hangup calling setuid() from vfork() child On Tue, Oct 01, 2019 at 11:29:08AM +0200, Szabolcs Nagy wrote: > * Florian Weimer <fweimer@...hat.com> [2019-10-01 07:54:56 +0200]: > > * Joshua Hudson: > > > > >> Basically, the vfork() child is in an invalid state and this cannot > > >> be repaired without damaging the parent. > > > > > > Works on glibc just fine. > > > > Are you sure it's changing the credentials of the right TIDs? > > i don't think it works on glibc (or any other linux > libc for that matter) reliably because the child uses > parent data structures to sync with concurrent threads > and the child also clobbers the errno of the parent. > > but it will work usually on glibc because the signals > are sent with tgkill which uses getpid + target tid and > that will just fail because of the pid mismatch, i think > glibc will only deadlock if the parent concurrently > fiddles with the thread stack list. > > in any case setuid is not supportable after vfork on linux ~~~~~~~~ Note that this entire problem would go away if Linux would finally give us a working multithreaded credentials-change syscall... Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.