Date: Tue, 02 Oct 2012 19:31:48 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: d@delphij.net Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>, Erik Cederstrand <erik@cederstrand.dk> Subject: Re: Opinion on checking return value of setuid(getuid())? Message-ID: <86obkkixvf.fsf@ds4.des.no> In-Reply-To: <50697975.4070609@delphij.net> (Xin Li's message of "Mon, 01 Oct 2012 04:07:33 -0700") References: <9DD86238-51C8-4F38-B7EB-BD773039888B@cederstrand.dk> <50697975.4070609@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Xin Li <delphij@delphij.net> writes: > How can the check be even reached in setuid(getuid()) case? It's also > conflict with intuition by the way -- we are not changing ownership of > the process, thus the process number should not change... See http://lxr.linux.no/linux+v3.6/kernel/sys.c#L646 DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86obkkixvf.fsf>