Bug 149025 - setuid()/setreuid() does not affect all threads
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel
Version: 3.0
Hardware: All Linux
Priority: medium, Severity: medium
Assigned To: Ingo Molnar
QA Contact: Brian Brock
Reported: 2005-02-17 18:28 EST by Kurtis D. Rader
Modified: 2007-11-30 17:07 EST (History)
Last Closed: 2005-09-15 15:21:20 EDT

Description Kurtis D. Rader 2005-02-17 18:28:59 EST

Description of problem:
A call to setuid(), setreuid(), setgid(), or setregid() for a
multi-thread process using NPTL changes only the id of the calling
thread. This violates POSIX thread semantics. The following trivial
program illustrates the problem:

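#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>   /* sleep(), pause(), getuid(), setreuid() */

/* Second thread: waits until main() has called setreuid(), then reports its own uid. */
void *thread_start( void *x ) {
    fprintf( stdout, "in thread_start\n" );
    sleep( 2 );
    fprintf( stdout, "thread_start(): getuid=%d\n", (int) getuid() );
    pause();
    return NULL;
}

int main( int argc, char **argv ) {
    int x;
    pthread_t tid;

    x = pthread_create( &tid, NULL, &thread_start, NULL );
    fprintf( stdout, "x=%d, tid = %lu\n", x, (unsigned long) tid );
    fprintf( stdout, "before setreuid(): getuid=%d\n", (int) getuid() );
    /* Change the real and effective uid from root to 500 in the main thread. */
    if ( setreuid( 500, 500 ) != 0 )
        perror( "setreuid" );
    fprintf( stdout, "after setreuid():  getuid=%d\n", (int) getuid() );
    pause();
    return 0;
}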


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Compile the above program; e.g., "cc -o x x.c -pthread"
2. Run as root
    

Actual Results:
x=0, tid = 1082128736
before setreuid(): getuid=0
after setreuid():  getuid=500
in thread_start
thread_start(): getuid=0


Expected Results:
x=0, tid = 1082128736
before setreuid(): getuid=0
after setreuid():  getuid=500
in thread_start
thread_start(): getuid=500


Additional info:

Comment 4 Ingo Molnar 2005-09-15 15:21:20 EDT
This problem is a known property of the upstream kernel and cannot be fixed in
any simple way without first getting broad upstream acceptance. Doing
per-process suid is a complex and invasive change that has been rejected upstream.
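
Added example (not part of the bug report or its comments): a check a program can run after dropping privileges to confirm that no thread still holds the old uid, by reading the Uid: line of each /proc/self/task/<tid>/status entry. The function names are illustrative, and the code assumes a Linux procfs mounted at /proc.

```c
/* Added example, not from the bug report. Function names are illustrative. */
#include <dirent.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Extract the real and effective uid from the text of a /proc status file.
 * Returns 0 on success, -1 if no well-formed "Uid:" line is present. */
int parse_status_uids(const char *text, unsigned *ruid, unsigned *euid) {
    const char *p = text;
    while (p && *p) {
        if (strncmp(p, "Uid:", 4) == 0)          /* only matched at line start */
            return sscanf(p + 4, "%u %u", ruid, euid) == 2 ? 0 : -1;
        p = strchr(p, '\n');
        if (p) p++;
    }
    return -1;
}

/* Count threads of this process whose real or effective uid differs from
 * `expected`. Returns -1 if /proc/self/task cannot be read. */
int threads_not_running_as(uid_t expected) {
    DIR *d = opendir("/proc/self/task");
    if (!d) return -1;
    struct dirent *e;
    unsigned r = 0, u = 0;
    int bad = 0;
    while ((e = readdir(d)) != NULL) {
        if (e->d_name[0] == '.') continue;       /* skip "." and ".." */
        char path[288], buf[4096];
        snprintf(path, sizeof path, "/proc/self/task/%s/status", e->d_name);
        FILE *f = fopen(path, "r");
        if (!f) continue;                        /* thread exited meanwhile */
        size_t n = fread(buf, 1, sizeof buf - 1, f);
        fclose(f);
        buf[n] = '\0';
        if (parse_status_uids(buf, &r, &u) != 0 || r != expected || u != expected) {
            fprintf(stderr, "tid %s: uid does not match %u\n", e->d_name, (unsigned)expected);
            bad++;
        }
    }
    closedir(d);
    return bad;
}

int main(void) {
    /* Run after setuid()/setreuid(): exit status 1 means a thread kept another id. */
    return threads_not_running_as(geteuid()) == 0 ? 0 : 1;
}
```

A status file that cannot be parsed is counted as a mismatch, so the check fails closed.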
