Re: [PATCH 00/26] Fixing wait, exit, ptrace, exec, and CLONE_THREAD

From: Aleksa Sarai
Date: Tue Jun 06 2017 - 15:41:19 EST

Next message: Boris Ostrovsky: "Re: [PATCH V2] xen-evtchn: Bind dyn evtchn:qemu-dm interrupt to next online VCPU"
Previous message: Mark Brown: "Applied "regulator: bd9571mwv: Statize local symbols" to the regulator tree"
In reply to: Eric W. Biederman: "[PATCH 25/26] signal: In ptrace_stop use CLD_TRAPPED in all ptrace signals"
Next in thread: Eric W. Biederman: "Re: [PATCH 00/26] Fixing wait, exit, ptrace, exec, and CLONE_THREAD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Another easy entry point is to see that a multi-threaded setuid won't
change the credentials on a zombie thread group leader. Which can allow
sending signals to a process that the credential change should forbid.
This is in violation of posix and the semantics we attempt to enforce in
linux.

I might be completely wrong on this point (and I haven't looked at the patches), but I was under the impression that multi-threaded set[ug]id was implemented in userspace (by glibc's nptl(7) library that uses RT signals internally to get each thread to update their credentials). And given that, I wouldn't be surprised (as a user) that zombie threads will have stale credentials (glibc isn't running in those threads anymore).

Am I mistaken in that belief?

</off-topic>

--
Aleksa Sarai
Software Engineer (Containers)
SUSE Linux GmbH
https://www.cyphar.com/

Next message: Boris Ostrovsky: "Re: [PATCH V2] xen-evtchn: Bind dyn evtchn:qemu-dm interrupt to next online VCPU"
Previous message: Mark Brown: "Applied "regulator: bd9571mwv: Statize local symbols" to the regulator tree"
In reply to: Eric W. Biederman: "[PATCH 25/26] signal: In ptrace_stop use CLD_TRAPPED in all ptrace signals"
Next in thread: Eric W. Biederman: "Re: [PATCH 00/26] Fixing wait, exit, ptrace, exec, and CLONE_THREAD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]