[torquedev] Disappearance of /dev/null
Eygene Ryabinkin
rea+maui at grid.kiae.ru
Thu Aug 5 12:02:33 MDT 2010
On Thu, Aug 05, 2010 at 10:58:24AM -0700, Garrick Staples wrote:
> There are very few unlink calls for user-specified filenames. I say we
> just make sure we have fork()'d off a child that setuid()'s itself to
> the user.
>
> If this is a problem for /dev/null, then it could be a problem for any
> file.
Holy truth. We can just do seteuid/setegid for the time of unlink
calls and set our e[ug]id back once they are done -- this will be
cheaper and won't leave the possibility for problems: effective
user/group IDs are checked for FS permissions, so we should be
safe here.
Will try to draft the patch using this approach.
Thanks.
--
Eygene Ryabinkin, Russian Research Centre "Kurchatov Institute"
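
The approach proposed in the message above, sketched as an added example (not code from this thread or from TORQUE): a root daemon switches its effective IDs to the file's owner only for the duration of the unlink, then switches back. The helper name `unlink_as_user` and its parameters are hypothetical, and handling supplementary groups is an assumption beyond what the message mentions.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: unlink `path` using the given user's effective IDs.
 * Returns 0 on success, -1 with errno set if the switch or the unlink fails.
 * Aborts if the original IDs cannot be restored, because continuing in an
 * unknown credential state is worse than stopping. */
int unlink_as_user(const char *path, uid_t uid, gid_t gid)
{
    uid_t saved_euid = geteuid();
    gid_t saved_egid = getegid();
    gid_t saved_groups[64];
    int ngroups = 0, rc = -1, err = 0;
    /* Supplementary groups only need changing when root becomes another user. */
    int switching = (saved_euid == 0 && uid != 0);

    /* Supplementary groups also count in FS permission checks. */
    if (switching) {
        ngroups = getgroups(64, saved_groups);
        if (ngroups < 0 || setgroups(1, &gid) != 0)
            return -1;
    }
    /* Group first: once the euid is changed we may not be allowed to. */
    if (setegid(gid) != 0) {
        err = errno;
        goto restore_groups;
    }
    if (seteuid(uid) != 0) {
        err = errno;
        goto restore_gid;
    }
    rc = unlink(path);   /* checked against the user's effective IDs */
    err = errno;

    /* Restore in reverse order: euid first, so the rest is permitted. */
    if (seteuid(saved_euid) != 0)
        abort();
restore_gid:
    if (setegid(saved_egid) != 0)
        abort();
restore_groups:
    if (switching && setgroups((size_t)ngroups, saved_groups) != 0)
        abort();
    errno = err;
    return rc;
}
```

The seteuid/setegid calls change credentials for the whole process under POSIX, so in a multithreaded daemon other threads run with the user's effective IDs during the window. The real and saved IDs are untouched, which is what allows the switch back.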