Date: Tue, 6 Feb 2001 10:24:39 +1100 (EST) From: Bruce Evans <bde@zeta.org.au> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: Nathan Gould <ngould@zoo.co.uk>, freebsd-arch@FreeBSD.ORG Subject: Re: Tests for NULL p_ucred under p_cred -- are they needed? Message-ID: <Pine.BSF.4.21.0102060944420.21359-100000@besplex.bde.org> In-Reply-To: <Pine.NEB.3.96L.1010205102219.74962L-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 5 Feb 2001, Robert Watson wrote: > In any case, there seems to be some inconsistency. It would seem that > either (a) it is an invariant that p_cred is non-NULL for all reachable > processes via various process lists (except unused processes), (b) it's an > invariant that p_cred is non-NULL between the end of fork1() and the > beginning of exit(), and that p_cred is therefore always defined if you're > acting on behalf of the process, but not necessarily if you're acting on > the process. > > Clearly, (1) would make life easier, and mean we could remove a fair > number of checks. However, it may be that (b) is the case, in which case > the signal code might require fixing, or the invariants it depends on at > least require documenting. This relevant also as I overhaul the process > access control routines, because I need to know if it's possible to have > processes without credentials, and if so, what it means. p_cred is actually non-NULL until the middle of wait1(), so we are at least close to case (a), and processes "always" have credentials -- even zombies have them. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0102060944420.21359-100000>