diff options
| author | Olga Kornievskaia <kolga@netapp.com> | 2016-04-28 16:27:14 -0400 |
|---|---|---|
| committer | Steve Dickson <steved@redhat.com> | 2016-04-29 10:38:02 -0400 |
| commit | 792c2a597c770738cf5c4433724504a5fc4ff7f5 (patch) | |
| tree | a07d30af3798c32e97eca345eaa611cd99b60408 | |
| parent | 8c34e538ef7492fda87b640343996dd33a2fde1d (diff) | |
| download | nfs-utils-792c2a597c770738cf5c4433724504a5fc4ff7f5.tar.gz nfs-utils-792c2a597c770738cf5c4433724504a5fc4ff7f5.tar.xz nfs-utils-792c2a597c770738cf5c4433724504a5fc4ff7f5.zip | |
gssd: using syscalls directly to change thread's identity
For the threaded version we have to set uid,gid per thread instead
of per process. glibc setresuid() when called from a thread, it'll
send a signal to all other threads to synchronize the uid in all
other threads. To bypass this, we have to call syscall() directly.
Reviewed-by: Jeff Layton <jlayton@poochiereds.net>
Reviewed-by: Steve Dickson <steved@redhat.com>
Signed-off-by: Olga Kornievskaia <kolga@netapp.com>
| -rw-r--r-- | utils/gssd/gssd_proc.c | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/utils/gssd/gssd_proc.c b/utils/gssd/gssd_proc.c index dd744dd..66a9d11 100644 --- a/utils/gssd/gssd_proc.c +++ b/utils/gssd/gssd_proc.c @@ -69,6 +69,7 @@ #include <netdb.h> #include <sys/types.h> #include <sys/wait.h> +#include <syscall.h> #include "gssd.h" #include "err_util.h" @@ -436,7 +437,7 @@ change_identity(uid_t uid) struct passwd *pw; /* drop list of supplimentary groups first */ - if (setgroups(0, NULL) != 0) { + if (syscall(SYS_setgroups, 0, 0) != 0) { printerr(0, "WARNING: unable to drop supplimentary groups!"); return errno; } @@ -453,20 +454,18 @@ change_identity(uid_t uid) } } - /* - * Switch the GIDs. Note that we leave the saved-set-gid alone in an - * attempt to prevent attacks via ptrace() + /* Switch the UIDs and GIDs. */ + /* For the threaded version we have to set uid,gid per thread instead + * of per process. glibc setresuid() when called from a thread, it'll + * send a signal to all other threads to synchronize the uid in all + * other threads. To bypass this, we have to call syscall() directly. */ - if (setresgid(pw->pw_gid, pw->pw_gid, -1) != 0) { + if (syscall(SYS_setresgid, pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) { printerr(0, "WARNING: failed to set gid to %u!\n", pw->pw_gid); return errno; } - /* - * Switch UIDs, but leave saved-set-uid alone to prevent ptrace() by - * other processes running with this uid. - */ - if (setresuid(uid, uid, -1) != 0) { + if (syscall(SYS_setresuid, uid, uid, uid) != 0) { printerr(0, "WARNING: Failed to setuid for user with uid %u\n", uid); return errno; |