Re: [PATCH] exec: clarify reasoning for euid/egid reset

2016-04-12 Thread David Howells
Kees Cook wrote: > - /* clear any previous set[ug]id data from a previous binary */ > + /* > + * Since this can be called multiple times (via prepare_binprm), > + * we must clear any previous work done when setting set[ug]id > + * bits from any earlier bprm->file uses (for

Re: [PATCH] exec: clarify reasoning for euid/egid reset

2016-04-12 Thread Serge Hallyn
Quoting Kees Cook (keesc...@chromium.org):
> This section of code initially looks redundant, but is required. This
> improves the comment to explain more clearly why the reset is needed.
>
> Signed-off-by: Kees Cook

Thanks, Kees.

Acked-by: Serge E. Hallyn

> ---
> fs/exec.c | 7 ++-
> 1

[PATCH] exec: clarify reasoning for euid/egid reset

2016-04-12 Thread Kees Cook
This section of code initially looks redundant, but is required. This improves the comment to explain more clearly why the reset is needed.

Signed-off-by: Kees Cook
---
fs/exec.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/fs/exec.c b/fs/exec.c
index