On Wed, Aug 7, 2013 at 9:21 AM, Oleg Nesterov <[email protected]> wrote: > On 08/06, Andy Lutomirski wrote: >> >> I assume that what the man page means is that the return value is >> whatever fsgid was prior to the call. On error, fsgid isn't changed, so >> the return value is still "current". > > Probably... Still > > On success, the previous value of fsuid is returned. > On error, the current value of fsuid is returned. > > looks confusing. sys_setfsuid() always returns the old value. > >> (FWIW, this behavior is awful and is probably the cause of a security >> bug or three, since success and failure are indistinguishable. > > At least this all looks strange. > > I dunno if we can change this old behaviour. I won't be surprized > if someone already uses setfsuid(-1) as getfsuid().
I suspect that changing this without introducing security or other bugs is impossible. If someone wanted to add new_setfsuid that returned an error when it failed, that would be a different story. (I'm not going to do that myself.) > > And perhaps the man page should be changed. Add Michael. Agreed. The text is a bit odd. > > Oleg. > -- Andy Lutomirski AMA Capital Management, LLC -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
