From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Subject: Re: Fixing multithreaded set*id() AS-safety
Date: Sat, 10 Jan 2015 23:07:17 -0500 [thread overview]
Message-ID: <20150111040717.GH4574@brightrain.aerifal.cx> (raw)
In-Reply-To: <CAA7aPHj1TQg8sjpD+yATW1W4iSoN1=H5fTUbAiug-=j6bp=aEw@mail.gmail.com>
On Sat, Jan 10, 2015 at 05:52:45PM -0500, stephen Turner wrote:
> Does that require any special requirementd in the way of modules or
> settings to use from the kernel? If proc doesnt exist what will happen? A
> kernel panic, absence of threading or will it create the missing folders or
> such?
No. As mentioned (I think) earlier, if /proc is not mounted,
multi-threaded set*id would not be able to work, but would just report
failure. Nothing would blow up. I'm not sure if it's a problem for
multi-threaded set*id not to work without /proc mounted, but in
general:
- Various functions in musl already require /proc to operate correctly
because the kernel does not provide a way to do the necessary
operations without /proc. Some of these are less arcane than
multi-threaded set*id.
- It's rather a bad design to be calling setuid in a multi-threaded
process to begin with; usually it happens only in Java or other
"higher level" langs where you're calling out to setuid via some
native interface and it's hard to prevent multiple threads from
already existing at that point. These sorts of programs should not
be running early boot before /proc is mounted.
If failure when /proc is not mounted is really a problem, I'm not sure
how we solve it. But in any case, I think we should start pushing for
the kernel to fix this issue properly: with a syscall that affects all
threads atomically, so that all this mess is used only as a fallback
for old kernels.
Rich
next prev parent reply other threads:[~2015-01-11 4:07 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-20 3:39 Rich Felker
2014-12-20 8:48 ` Jens Gustedt
2014-12-20 19:24 ` Rich Felker
2015-01-10 5:33 ` Rich Felker
2015-01-10 22:52 ` stephen Turner
2015-01-11 4:07 ` Rich Felker [this message]
2015-01-11 16:31 ` stephen Turner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150111040717.GH4574@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).