To: Jeff Dike
Cc: Zach Brown, Ingo Molnar, LKML
Subject: Re: Syslets, signals, and security
From: Andi Kleen
Date: 04 Jun 2007 22:57:34 +0200

Jeff Dike writes:

> How about splitting the credentials out of the task_struct and making
> them sharable ala ->mm et al? You change uid there and it changes for
> everyone. It will make fork slightly more expensive though.

Strictly that's required by POSIX anyways. But it's a real mess.

The problem is that you would need to reference count/lock them in every
syscall or ioctl or similar. Otherwise another thread could change them in
the middle of a syscall which wouldn't be good.

Doing this full reference counting would be probably somewhat expensive
with more locked cycles and also a lot of work to implement. You would
need to audit large parts of the source tree.

I don't think it's a good idea.

-Andi
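The per-syscall pinning discussed in the message above, as an added example that is not part of the original post and is not kernel code: a userspace C model in which every "syscall" takes a reference on the shared credentials at entry, so a process-wide uid change cannot alter them mid-call. All names are hypothetical, and the interleaving is constructed and replayed on one thread so the result is deterministic.

```c
#include <stdatomic.h>
#include <stdio.h>
#include <stdlib.h>
/* Userspace model only; every name here is hypothetical, not kernel API. */
struct cred { atomic_int refs; unsigned uid; };
static struct cred *shared_cred;        /* one pointer shared by all threads */
static atomic_flag cred_lock = ATOMIC_FLAG_INIT;
static void lock(void)   { while (atomic_flag_test_and_set(&cred_lock)) ; }
static void unlock(void) { atomic_flag_clear(&cred_lock); }
static struct cred *cred_alloc(unsigned uid) {
    struct cred *c = malloc(sizeof *c);
    if (!c) abort();
    atomic_init(&c->refs, 1);           /* reference held by shared_cred */
    c->uid = uid;
    return c;
}
/* Syscall entry: pin the current credentials (the locked cycles per call). */
static struct cred *cred_get(void) {
    lock();
    struct cred *c = shared_cred;
    atomic_fetch_add(&c->refs, 1);
    unlock();
    return c;
}
/* Syscall exit: drop the pin; the last holder frees the object. */
static void cred_put(struct cred *c) {
    if (atomic_fetch_sub(&c->refs, 1) == 1) free(c);
}
/* Process-wide uid change: publish a new object, never edit one in place. */
static void cred_set_uid(unsigned uid) {
    struct cred *fresh = cred_alloc(uid);
    lock();
    struct cred *old = shared_cred;
    shared_cred = fresh;
    unlock();
    cred_put(old);                      /* freed now unless a syscall pinned it */
}
/* A uid change lands between two checks of one syscall. Returns 1 if both
 * checks saw the same uid; pinned=0 rereads the shared pointer each time. */
static int syscall_sees_stable_uid(int pinned) {
    shared_cred = cred_alloc(0);
    struct cred *c = pinned ? cred_get() : NULL;
    unsigned first = pinned ? c->uid : shared_cred->uid;
    cred_set_uid(1000);                 /* "another thread" changes the uid */
    unsigned second = pinned ? c->uid : shared_cred->uid;
    if (c) cred_put(c);
    cred_put(shared_cred);
    return first == second;
}
int main(void) {
    printf("pinned=%d ", syscall_sees_stable_uid(1));
    printf("unpinned=%d\n", syscall_sees_stable_uid(0));
    return 0;
}
```

Every path that reads credentials without going through `cred_get`/`cred_put` behaves like the unpinned case, which is why the message expects an audit of large parts of the tree.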