Changing back to per-thread credentials on Linux (fixing native AIO).
Volker Lendecke
Volker.Lendecke at SerNet.DE
Mon Jul 2 00:44:29 MDT 2012
On Sun, Jul 01, 2012 at 07:44:25PM -0400, simo wrote:
> Volker, a couple of years back, at a RH Summit (2010 I think) I spoke
> with Uli (then RH and upstream glibc maintainer) about per thread ids.
>
> He said that using the syscalls directly would have worked. I do not
> know how official this may have been at the time, and I am not sure how
> official an answer you may get now, but intentionally breaking syscall()
> is something I do not see ever happening, it would be stupid and
> useless.
A couple of years ago at a Q&A session after a Linuxtag talk
in Berlin I asked Ulrich about clone() and syscall(). He
said that this combination is not supported, as it breaks
internal pthread data structures.
64-bit code breaking on 32-bit platforms is an indication
for me that the syscall() workaround for per-thread
credentials is nothing that the glibc authors have on their
radar. I could very well imagine that once we start beating
that we either break subtle internal assumptions or they
pull the plug on it for the same reason clone() was
abandoned.
I would not argue so much if this was a statvfs module for
an obscure file system on a proprietary niche platform. This
is the basis for our security on our main platform. We do
not need syscall() to solve our immediate problems.
Yes, threads with creds will stay, but before we officially
get support for them I have serious doubts we should do it
in a hurry.
Things will change if we get confirmation from the glibc
maintainers that the syscall() way is the officially
supported API for per-thread credentials.
With best regards,
Volker Lendecke
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical
mailing list