Patchset to add asynchronous open/close to master
Jeremy Allison
jra at samba.org
Thu Jun 21 10:31:47 MDT 2012
On Thu, Jun 21, 2012 at 08:24:28AM +0200, Volker Lendecke wrote:
> On Thu, Jun 21, 2012 at 08:18:33AM +0200, Stefan (metze) Metzmacher wrote:
> > > I'll prepare a patch for master/3.6.x
> > > to fix this issue.
> >
> > I think you need to test with the full unix token,
> > not only uid and gid.
>
> There's also the per-thread setfsuid and setfsgid
> linux-specific calls. But there's no setfsgroups call.
Yes you're right. Looking in the glibc sources
setfsuid aren't caught by the SETXID wrappers,
so they'll be thread specific on Linux.
What I'm thinking of is adding checks for
syscall(SYS_setreuid,...)
syscall(SYS_setregid,...)
syscall(SYS_setgroups,...)
and use them by preference inside smbd to
restore the semantics we were depending on,
(they'll fit inside source3/lib/util_sec.c)
and also use them inside worker functions
called from a threadpool to set the credentials
correctly for the IO operation.
Jeremy.
More information about the samba-technical
mailing list