Bug 149025
| Summary: | setuid()/setreuid() does not affect all threads | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 3 | Reporter: | Kurtis D. Rader <krader> |
| Component: | kernel | Assignee: | Ingo Molnar <mingo> |
| Status: | CLOSED WONTFIX | QA Contact: | Brian Brock <bbrock> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 3.0 | CC: | alan, peterm, petrides, riel, sct, tburke |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2005-09-15 19:21:20 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
this problem is a known property of the upstream kernel and cannot be fixed in any simple way without first getting broad upstream acceptance. Doing per-process suid is a complex and invasive change that has been rejected upstream. |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; rv:1.7.3) Gecko/20041002 Firefox/0.10.1 Description of problem: A call to setuid(), setreuid(), setgid(), or setregid() for a multi-thread process using NPTL changes only the id of the calling thread. This violates POSIX thread semantics. The following trivial program illustrates the problem: #include <pthread.h> #include <stdio.h> #include <stdlib.h> void *thread_start( void *x ) { fprintf( stdout, "in thread_start\n" ); sleep( 2 ); fprintf( stdout, "thread_start(): getuid=%d\n", getuid() ); pause(); } int main( int argc, char **argv ) { int x; pthread_t tid; x = pthread_create( &tid, NULL, &thread_start, NULL ); fprintf( stdout, "x=%d, tid = %d\n", x, tid ); fprintf( stdout, "before setreuid(): getuid=%d\n", getuid() ); setreuid( 500, 500 ); fprintf( stdout, "after setreuid(): getuid=%d\n", getuid() ); pause(); } Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Compile the above program; e.g., "cc -o x x.c -phtread" 2. Run as root Actual Results: x=0, tid = 1082128736 before setreuid(): getuid=0 after setreuid(): getuid=500 in thread_start thread_start(): getuid=0 Expected Results: x=0, tid = 1082128736 before setreuid(): getuid=0 after setreuid(): getuid=500 in thread_start thread_start(): getuid=500 Additional info: