jyapayne/musl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
musl/src/process
History
Rich Felker d5304147b9 block uid/gid changes during posix_spawn 
usage of vfork creates a situation where a process of lower privilege
may momentarily have write access to the memory of a process of higher
privilege.

consider the case of a multi-threaded suid program which is calling
posix_spawn in one thread while another thread drops the elevated
privileges then runs untrusted (relative to the elevated privilege)
code as the original invoking user. this untrusted code can then
potentially modify the data the child process will use before calling
exec, for example changing the pathname or arguments that will be
passed to exec.

note that if vfork is implemented as fork, the lock will not be held
until the child execs, but since memory is not shared it does not
matter.
2012-10-15 11:42:46 -04:00
..
i386 support vfork on i386 2011-10-14 23:56:31 -04:00
x86_64 x86_64 vfork implementation 2012-02-06 18:23:11 -05:00
execl.c correct variadic prototypes for execl* family 2011-04-27 16:06:33 -04:00
execle.c correct variadic prototypes for execl* family 2011-04-27 16:06:33 -04:00
execlp.c correct variadic prototypes for execl* family 2011-04-27 16:06:33 -04:00
execv.c initial check-in, version 0.5.0 2011-02-12 00:22:29 -05:00
execve.c global cleanup to use the new syscall interface 2011-03-20 00:16:43 -04:00
execvp.c fix various bugs in path and error handling in execvp/fexecve 2011-09-29 00:48:04 -04:00
fdop.h fix backwards posix_spawn file action order 2011-05-29 12:58:02 -04:00
fexecve.c fix various bugs in path and error handling in execvp/fexecve 2011-09-29 00:48:04 -04:00
fork.c use weak aliases rather than function pointers to simplify some code 2011-08-06 20:09:51 -04:00
posix_spawn.c block uid/gid changes during posix_spawn 2012-10-15 11:42:46 -04:00
posix_spawn_file_actions_addclose.c fix backwards posix_spawn file action order 2011-05-29 12:58:02 -04:00
posix_spawn_file_actions_adddup2.c fix backwards posix_spawn file action order 2011-05-29 12:58:02 -04:00
posix_spawn_file_actions_addopen.c use restrict everywhere it's required by c99 and/or posix 2008 2012-09-06 22:44:55 -04:00
posix_spawn_file_actions_destroy.c add file actions support to posix_spawn 2011-05-28 23:30:47 -04:00
posix_spawn_file_actions_init.c initial implementation of posix_spawn 2011-05-28 18:36:30 -04:00
posix_spawnattr_destroy.c add missing posix_spawnattr_init/destroy functions 2011-09-13 14:45:59 -04:00
posix_spawnattr_getflags.c use restrict everywhere it's required by c99 and/or posix 2008 2012-09-06 22:44:55 -04:00
posix_spawnattr_getpgroup.c use restrict everywhere it's required by c99 and/or posix 2008 2012-09-06 22:44:55 -04:00
posix_spawnattr_getsigdefault.c use restrict everywhere it's required by c99 and/or posix 2008 2012-09-06 22:44:55 -04:00
posix_spawnattr_getsigmask.c use restrict everywhere it's required by c99 and/or posix 2008 2012-09-06 22:44:55 -04:00
posix_spawnattr_init.c add missing posix_spawnattr_init/destroy functions 2011-09-13 14:45:59 -04:00
posix_spawnattr_setflags.c initial implementation of posix_spawn 2011-05-28 18:36:30 -04:00
posix_spawnattr_setpgroup.c initial implementation of posix_spawn 2011-05-28 18:36:30 -04:00
posix_spawnattr_setsigdefault.c use restrict everywhere it's required by c99 and/or posix 2008 2012-09-06 22:44:55 -04:00
posix_spawnattr_setsigmask.c use restrict everywhere it's required by c99 and/or posix 2008 2012-09-06 22:44:55 -04:00
posix_spawnp.c use restrict everywhere it's required by c99 and/or posix 2008 2012-09-06 22:44:55 -04:00
system.c initial check-in, version 0.5.0 2011-02-12 00:22:29 -05:00
vfork.c make available a namespace-safe vfork, if supported 2011-10-14 23:34:12 -04:00
wait.c initial check-in, version 0.5.0 2011-02-12 00:22:29 -05:00
waitid.c overhaul pthread cancellation 2011-04-17 11:43:03 -04:00
waitpid.c overhaul pthread cancellation 2011-04-17 11:43:03 -04:00