This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH] Declare set*id with warn_unused_result


On Tue, Jul 24, 2012 at 01:58:28PM +0200, Florian Weimer wrote:
> On Linux (except very current versions without funky security
> modules), set*uid can fail with EAGAIN when RLIMIT_NPROC would be
> exceeded. Missing return value checks are known to result in
> privilege escalation vulnerabilities.  It is a common coding error
> to call setuid before setgid, so that the setgid fails, and checking
> for the setgid result should prevent this mistake from going
> unnoticed.  Therefore, I think it makes sense to add the attribute
> to both groups of functions.

Hopefully this will also generate a warning for the unsafe usage in
NPTL's setxid wrapper and get somebody to address bug #13347 which has
so far been completely ignored...

Rich


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]