LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Across fork()?

Across fork()?

Posted Oct 1, 2007 4:10 UTC (Mon) by jzbiciak (✭ supporter ✭, #5246)
In reply to: Across fork()? by filker0
Parent article: Credential records

I think the main idea is to take coherent snapshots of the current credentials at the moment a syscall's made, so that it can follow the request all the way through to completion.

In a multithreaded app, you could have races on some of the details, because not all credentials are per-thread. The kernel may have reason to examine your credentials more than once through the process of executing a system call, and those could be spaced widely in time.

Imagine symlink traversal over a slow link. I remember reading somewhere that Linux's support for deep directory structures and high levels of symlink nesting means a single directory lookup could cause 300MB of disk to get read if you set things up right. :-) An attacker would be motivated to do just that.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds