Changing back to per-thread credentials on Linux (fixing native AIO).

simo idra at
Sun Jul 1 05:54:25 MDT 2012

On Sun, 2012-07-01 at 10:42 +0200, Volker Lendecke wrote: 
> Hi, Jeremy!
> On Wed, Jun 27, 2012 at 09:51:12AM -0700, Jeremy Allison wrote:
> > Comments please !
> IMHO we need to block or redirect all use of the glibc
> setX[ug]id calls with LD_PRELOAD or an equivalent mechanism.
> There might be external libraries subverting our security
> model by calling them.

Libraries should never call setXXid() calls, it makes no sense and it is
completely thread-unsafe.
It is simply not done.
I do not think we should ever worry about that.
The uid wrapper stuff proves we never had that issue so far.


Simo Sorce
Samba Team GPL Compliance Officer <simo at>
Principal Software Engineer at Red Hat, Inc. <simo at>

More information about the samba-technical mailing list