Across fork()?

Posted Oct 1, 2007 4:10 UTC (Mon) by jzbiciak (guest, #5246)
In reply to: Across fork()? by filker0
Parent article: Credential records

I think the main idea is to take coherent snapshots of the current credentials at the moment a syscall's made, so that it can follow the request all the way through to completion.

In a multithreaded app, you could have races on some of the details, because not all credentials are per-thread. The kernel may have reason to examine your credentials more than once through the process of executing a system call, and those could be spaced widely in time.

Imagine symlink traversal over a slow link. I remember reading somewhere that Linux's support for deep directory structures and high levels of symlink nesting means a single directory lookup could cause 300MB of disk to get read if you set things up right. :-) An attacker would be motivated to do just that.