Bug 141108 - futimes() fails after setuid()
futimes() fails after setuid()
Product: Fedora
Classification: Fedora
Component: glibc (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Jakub Jelinek
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2004-11-29 05:45 EST by Oskari Saarenmaa
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-11-29 08:19:04 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Oskari Saarenmaa 2004-11-29 05:45:30 EST
Description of problem:
It appears that setuid() does not change the ownership of files under
/proc/self.  I am not sure whether or not it should do that, but since
futimes() is implemented as a call to utimes() on /proc/[pid]/fd/[fd]
on Linux, and that symlink is owned by root (or whoever we were before
setuid), the calls always fail in applications that have switched uids.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. setuid() to another user
2. attempt to futimes() a fd
Actual Results:  futimes() fails with EACCES

Expected Results:  futimes() succeeds, changing the times on the
target file
Comment 1 Jakub Jelinek 2004-11-29 08:19:04 EST
At least as long as futimes is implemented using utimes on /proc/<pid>/fd/<N>
(there is no other way ATM to do that from userland), that is expected behaviour.
If you setuid to another user, you make the task non-dumpable, therefore
/proc/<pid>/fd must not be visible to anybody but superuser.  That is necessary
for security reasons.

Note You need to log in before you can comment on or make changes to this bug.