Posted Oct 1, 2007 4:10 UTC (Mon) by jzbiciak
In reply to: Across fork()?
Parent article: Credential records
I think the main idea is to take coherent snapshots of the current credentials at the moment a syscall's made, so that it can follow the request all the way through to completion.
In a multithreaded app, you could have races on some of the details, because not all credentials are per-thread. The kernel may have reason to examine your credentials more than once through the process of executing a system call, and those could be spaced widely in time.
Imagine symlink traversal over a slow link. I remember reading somewhere that Linux's support for deep directory structures and high levels of symlink nesting means a single directory lookup could cause 300MB of disk to get read if you set things up right. :-) An attacker would be motivated to do just that.
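The race described in this comment, as an added example that is not part of the original post or of the kernel patch the parent article discusses. It is a userspace toy model in C, not kernel code: a single `fsuid` field stands in for the credential record, the root override is deliberately left out of the permission check so that two non-root uids can illustrate the point, and the `between` callback stands in for another thread's credential change landing while the path walk is in flight. Everything else (owners of the path components, the uids 1000 and 1001) is constructed sample data.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy credential record. Assumption: a stand-in for the kernel's per-task
 * record, reduced to the single field the walk below consults. */
struct cred {
    uint32_t fsuid;
};

/* Live, mutable credentials of the running task. A credential change
 * from "another thread" lands here while a walk is in progress. */
static struct cred current_cred = { .fsuid = 1000 };

/* DAC search check for one directory component. The root override is
 * omitted on purpose (assumption of the model) so that an owner-only
 * directory is searchable by its owner and nobody else. */
static int may_search(const struct cred *c, uint32_t dir_owner)
{
    return c->fsuid == dir_owner;
}

/* Constructed sample path: two nested directories, the first owned by
 * uid 1000 and the second by uid 1001. No single consistent credential
 * set may search both. */
#define NCOMP 2
static const uint32_t path_owner[NCOMP] = { 1000, 1001 };

/* Models the concurrent thread that runs between two component checks. */
typedef void (*interleave_fn)(void);

static void other_thread_setfsuid_1001(void) { current_cred.fsuid = 1001; }
static void other_thread_noop(void) { }

/* Racy walk: consults the live credentials at every step, so a change
 * made part-way through is mixed into the decision. */
static int walk_reread(interleave_fn between)
{
    for (int i = 0; i < NCOMP; i++) {
        if (!may_search(&current_cred, path_owner[i]))
            return 0;
        if (i + 1 < NCOMP)
            between();          /* the other thread gets scheduled here */
    }
    return 1;
}

/* Snapshot walk: copies the credentials once at "syscall entry" and uses
 * that copy for every later check, so the concurrent change is invisible
 * to this request and the decision is coherent. */
static int walk_snapshot(interleave_fn between)
{
    struct cred snap = current_cred;    /* the moment the syscall is made */
    for (int i = 0; i < NCOMP; i++) {
        if (!may_search(&snap, path_owner[i]))
            return 0;
        if (i + 1 < NCOMP)
            between();          /* changes current_cred, not snap */
    }
    return 1;
}

/* Run one scenario from a known starting fsuid. Returns 1 if the walk
 * reached the end of the path, 0 if it was refused at some component. */
static int scenario(int (*walk)(interleave_fn), uint32_t start_fsuid,
                    interleave_fn between)
{
    current_cred.fsuid = start_fsuid;
    return walk(between);
}

int main(void)
{
    printf("reread,   fsuid 1000 -> 1001 mid-walk: %s\n",
           scenario(walk_reread, 1000, other_thread_setfsuid_1001) ? "GRANTED" : "denied");
    printf("snapshot, fsuid 1000 -> 1001 mid-walk: %s\n",
           scenario(walk_snapshot, 1000, other_thread_setfsuid_1001) ? "GRANTED" : "denied");
    printf("snapshot, fsuid 1001 throughout:       %s\n",
           scenario(walk_snapshot, 1001, other_thread_noop) ? "GRANTED" : "denied");
    return 0;
}
```

The re-reading walk grants a traversal that neither uid 1000 nor uid 1001 could complete on its own, which is exactly the chimera credential set the snapshot is meant to rule out; the snapshot walk refuses it whichever credentials were current at entry.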