[Bugs] [Bug 1221490] New: fuse: check return value of setuid
bugzilla at redhat.com
bugzilla at redhat.com
Thu May 14 07:31:50 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1221490
Bug ID: 1221490
Summary: fuse: check return value of setuid
Product: GlusterFS
Version: mainline
Component: fuse
Assignee: bugs at gluster.org
Reporter: prasanna.kalever at redhat.com
CC: bugs at gluster.org, gluster-bugs at redhat.com
Description of problem:
setuid() sets the effective user ID of the calling process. If the effective
UID of the caller is root, the real UID and saved set-user-ID are also set.
On success, zero is returned. On error, -1 is returned, and errno is set
appropriately.
Note: there are cases where setuid() can fail even when the caller is UID 0; it
is a grave security error to omit checking for a failure return from setuid().
if an environment limits the number of processes a user can have, setuid()
might fail if the target uid already is at the limit.
Version-Release number of selected component (if applicable):
mainline
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
More information about the Bugs
mailing list