[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 09/11] libxl: Kill QEMU with "reaper" ruid

George Dunlap writes ("[PATCH v3 09/11] libxl: Kill QEMU with "reaper" ruid"):
> Using kill(-1) to killing an untrusted dm process with the real uid
> equal to the dm_uid isn't guaranteed to succeed: the process in
> question may be able to kill the reaper process after the setresuid()
> and before the kill().
> +/*
> + * Look up "reaper UID".  If present and non-root, returns 0 and sets
> + * reaper_uid.  Otherwise returns libxl-style error.
> + */

Might be worth mentioning that this function expects to be called in a
subprocess, for a variety of reasons including because it takes a lock.


Acked-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.