git.decadent.org.uk Git - nfs-utils.git/commit

]> git.decadent.org.uk Git - nfs-utils.git/commit

author	kwc@citi.umich.edu <kwc@citi.umich.edu>
	Mon, 3 Jul 2006 22:34:21 +0000 (18:34 -0400)
committer	Neil Brown <neilb@suse.de>
	Tue, 4 Jul 2006 00:27:15 +0000 (10:27 +1000)
commit	0b2a5b574c7ffd99aa3226d36e1d261826405625
tree	1a6cc3a53c58b73e702baf5ac4af22b16d877aaf	tree \| snapshot
parent	0f899e6d862994ffb437ae73e087c4a21ab59723	commit \| diff

Use setfsuid() rather than seteuid() while creating contexts

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
As suggested by Olaf Kirch <okir@suse.de>, use setfsuid() rather than
seteuid() when creating a gss context. This prevents users from using
credentials that do not belong to them, while also preventing them from
doing things like killing, renicing, or changing the priority of the
gssd process while it is processing the context creation.

utils/gssd/gssd_proc.c

diff | blob | history

Debian package of nfs-utils

RSS Atom