Re: adopt(pid_t pid) syscall proposal [patch included]

From: Andy Lutomirski
Date: Tue Jun 11 2013 - 12:53:40 EST

Next message: Christian Daudt: "Re: [PATCH 0/2] ARM dts: bcm281xx: use preprocessor for devicetrees"
Previous message: Alexander E. Patrakov: "Re: [PATCH] ACPIPHP: fix device destroying order issue in handlingdock notification"
In reply to: vcaputo: "adopt(pid_t pid) syscall proposal [patch included]"
Next in thread: vcaputo: "Re: adopt(pid_t pid) syscall proposal [patch included]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/10/2013 06:23 PM, vcaputo@xxxxxxxxxxxxxxxxx wrote:

+ if (!uid_eq(cred->euid, tcred->suid) &&
+ !uid_eq(cred->euid, tcred->uid) &&
+ !uid_eq(cred->uid, tcred->suid) &&
+ !uid_eq(cred->uid, tcred->uid) &&
+ !ns_capable(cred->user_ns, CAP_KILL)) {
+ ret = -EPERM;
+ goto out_unlock;
+ }
+

That check's far too permissive.

This sounds like it will break anything that uses wait and expects its children to not be stolen out from under it.

Also, you'll have problems with screen -x or the default tmux shareable configuration. It sounds like this is better done in userspace.

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Christian Daudt: "Re: [PATCH 0/2] ARM dts: bcm281xx: use preprocessor for devicetrees"
Previous message: Alexander E. Patrakov: "Re: [PATCH] ACPIPHP: fix device destroying order issue in handlingdock notification"
In reply to: vcaputo: "adopt(pid_t pid) syscall proposal [patch included]"
Next in thread: vcaputo: "Re: adopt(pid_t pid) syscall proposal [patch included]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]