Use setfsuid() rather than seteuid() while creating contexts
authorkwc@citi.umich.edu <kwc@citi.umich.edu>
Mon, 3 Jul 2006 22:34:21 +0000 (18:34 -0400)
committerNeil Brown <neilb@suse.de>
Tue, 4 Jul 2006 00:27:15 +0000 (10:27 +1000)
commit0b2a5b574c7ffd99aa3226d36e1d261826405625
tree1a6cc3a53c58b73e702baf5ac4af22b16d877aaf
parent0f899e6d862994ffb437ae73e087c4a21ab59723
Use setfsuid() rather than seteuid() while creating contexts

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
As suggested by Olaf Kirch <okir@suse.de>, use setfsuid() rather than
seteuid() when creating a gss context.  This prevents users from using
credentials that do not belong to them, while also preventing them from
doing things like killing, renicing, or changing the priority of the
gssd process while it is processing the context creation.
utils/gssd/gssd_proc.c