Re: [PATCH 2.5.30] Allow tasks to share credentials

From: Dave McCracken (
Date: Fri Aug 02 2002 - 16:12:53 EST

--On Friday, August 02, 2002 10:22:54 AM -0700 Linus Torvalds
<> wrote:

> But I _know_, for example, that this is just a horrid security hole the
> way it is now - the execve() path doesn't create a unique "cred"
> structure, so if you execve() a suid binary from a CLONE_CRED thread, the
> other threads get the suid'ness and can do whatever they want.

You are entirely correct. It was an oversight on my part. execve() should
always unshare the cred structure. I'll work up a fixed version.

Dave McCracken

Dave McCracken IBM Linux Base Kernel Team 1-512-838-3059 T/L 678-3059

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Wed Aug 07 2002 - 22:00:20 EST