[ovs-dev] [PATCH 06/21] daemon_switch_user: Improve portablility

Takashi Yamamoto yamamoto at midokura.com
Mon Oct 19 06:48:33 UTC 2015


On Mon, Oct 19, 2015 at 3:14 PM, Andy Zhou <azhou at nicira.com> wrote:
> On Sun, Oct 18, 2015 at 9:28 PM, YAMAMOTO Takashi <yamamoto at midokura.com> wrote:
>> NetBSD doesn't have [gs]etres[ug]id.
>> Signed-off-by: YAMAMOTO Takashi <yamamoto at midokura.com>
>> ---
>>  lib/daemon-unix.c | 40 ++++++++++++++++++----------------------
>>  1 file changed, 18 insertions(+), 22 deletions(-)
> Thanks for testing on NetBSD.
> I am concerned that on platforms supports saved uid, Would this patch
> leave that value not changed, thus open up a security risk?
> How about we add a stub version of [gs]etres[ug]id for the NetBSD
> platform that can safely ignore the saved uid/ gid for that platform?

NetBSD has saved uid/gid.
saved ids are expected to be changed by set[ug]id.

i'm not sure what security risks you are concerning about.

More information about the dev mailing list