From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/6822 Path: news.gmane.org!not-for-mail From: Rich Felker Newsgroups: gmane.linux.lib.musl.general Subject: Re: Fixing multithreaded set*id() AS-safety Date: Sat, 10 Jan 2015 23:07:17 -0500 Message-ID: <20150111040717.GH4574@brightrain.aerifal.cx> References: <20141220033918.GA3273@brightrain.aerifal.cx> <20150110053321.GD4574@brightrain.aerifal.cx> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1420949258 15091 80.91.229.3 (11 Jan 2015 04:07:38 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sun, 11 Jan 2015 04:07:38 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-6835-gllmg-musl=m.gmane.org@lists.openwall.com Sun Jan 11 05:07:33 2015 Return-path: Envelope-to: gllmg-musl@m.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by plane.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1YA9oK-00009V-Oo for gllmg-musl@m.gmane.org; Sun, 11 Jan 2015 05:07:32 +0100 Original-Received: (qmail 21843 invoked by uid 550); 11 Jan 2015 04:07:29 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Original-Received: (qmail 21835 invoked from network); 11 Jan 2015 04:07:28 -0000 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Original-Sender: Rich Felker Xref: news.gmane.org gmane.linux.lib.musl.general:6822 Archived-At: On Sat, Jan 10, 2015 at 05:52:45PM -0500, stephen Turner wrote: > Does that require any special requirementd in the way of modules or > settings to use from the kernel? If proc doesnt exist what will happen? A > kernel panic, absence of threading or will it create the missing folders or > such? No. As mentioned (I think) earlier, if /proc is not mounted, multi-threaded set*id would not be able to work, but would just report failure. Nothing would blow up. I'm not sure if it's a problem for multi-threaded set*id not to work without /proc mounted, but in general: - Various functions in musl already require /proc to operate correctly because the kernel does not provide a way to do the necessary operations without /proc. Some of these are less arcane than multi-threaded set*id. - It's rather a bad design to be calling setuid in a multi-threaded process to begin with; usually it happens only in Java or other "higher level" langs where you're calling out to setuid via some native interface and it's hard to prevent multiple threads from already existing at that point. These sorts of programs should not be running early boot before /proc is mounted. If failure when /proc is not mounted is really a problem, I'm not sure how we solve it. But in any case, I think we should start pushing for the kernel to fix this issue properly: with a syscall that affects all threads atomically, so that all this mess is used only as a fallback for old kernels. Rich