https://bugzilla.kernel.org/show_bug.cgi?id=42704 --- Comment #2 from KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx> 2012-04-18 00:23:10 --- Hmm.. I'm not Vasiliy and I couldn't add him to cc list (I don't know why). But maybe I can answer this. Now, many many applications don't check the return code and this ignorance may make critical security issue. set*id() is usually used for dropping root privilege and then a failure mean application run untrusted code w/ root privilege. that's dangerous. then, set*id() should ignore rlimit and always can drop a privilege. In the other hand, execve() is used for getting a privilege. then a failure is not security threat. Next, applications still should check set*uid() return value because it may run on older kernel. thank you. -- Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
