setgroups hook

• Next in thread: Chris Wright: "Re: setgroups hook"
• Reply: Chris Wright: "Re: setgroups hook"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

The setgroups16 system call (in kernel/uid16.c) is not protected by the
task_ops->setgroups
hook. Unfortunately, adding this hook isn't completely straightforward. The
problem is that
the group list in setgroups16 is 16-bit, while the task_ops->setgroups hook
expects 32-bit
gid's. There seem to be two reasonable solutions:

(1) Add a parameter to the setgroups hook to give the list format.

(2) Change the existing code to convert the array to 32-bit gid's and call
the
     normal setgroups function.

Just wanted to get peoples thoughts before I wrote a patch.

Cheers,
      Antony


_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "Re: setgroups hook"
• Next in thread: Chris Wright: "Re: setgroups hook"
• Reply: Chris Wright: "Re: setgroups hook"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Feb 02 2002 - 17:02:40 PST