thread pool helpers

Gerald Carter jerry at
Thu Apr 30 14:56:37 GMT 2009

Hash: SHA1

tridge at wrote:
> Hi Jerry,
>> Nope.  Access checks are in users space. 
> do you do anything to combat the race conditions? For example, a user
> might exploit a user space access check by doing this:
>   while :; do
>   	ln -sf /etc/shadow /home/baduser/myfile.txt
>   	ln -sf /home/baduser/innocent.txt /home/baduser/myfile.txt
>   done
> then try to access myfile.txt via SMB. If the access check happens
> while the file points at innocent.txt and the real open happens while
> pointing at /etc/shadow then the user will end up opening
> /etc/shadow. Implementing the above hack in C raises the chances of
> success as well.
> You can do inode number checks to combat this a bit, but that doesn't
> work for newly created files in sensitive locations.

Honestly, right now it doesn't.  I'm still working on it.
But for a create disposition of FILE_OPEN, technically
you could open() and operate on the fd exclusively.  SO
right now this would be something like:

   fd = open()
   secdesc = GetSecurityDescriptor(fd)
   if (!RtlAccessCheck(token, secdesc)) {

Do you agree?

The create/overwrite is a little tricker.  I'll have
to think about an answer for those cases more.

>>  However, for platforms that could give me a per 
>> thread setreuid(), I would look at using that.
> strangely enough, the Linux kernel can give you that, 
> if you bypass glibc and use syscall() to change your euid.

Ahh...I thought this was considered a bug and disabled in
newer kernels.  Sounds like I need to go back and read
up some more.

> Rusty is currently trying to build "libantithread" which 
> tries to provide this functionality on top of fork().
> See

Cool.  Thanks for the link.

cheers, jerry
- --
=====================================================================                                         CODE
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla -


More information about the samba-technical mailing list