342/376: Don't do vfork in conjunction with setuid

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

342/376: Don't do vfork in conjunction with setuid

From:	Ludovic Court�s
Subject:	342/376: Don't do vfork in conjunction with setuid
Date:	Wed, 28 Jan 2015 22:06:03 +0000

civodul pushed a commit to tag 1.8
in repository guix.

commit 851b47bd7de35f4464a67c991d55cbcb07230edc
Author: Eelco Dolstra <address@hidden>
Date:   Wed Dec 10 18:01:01 2014 +0100

    Don't do vfork in conjunction with setuid
---
 src/libstore/build.cc |    2 ++
 src/libutil/util.cc   |    3 +++
 2 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index ab8923b..36436d7 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -1914,6 +1914,8 @@ void DerivationGoal::startBuilder()
     builderOut.create();
 
     /* Fork a child to build the package. */
+    ProcessOptions options;
+    options.allowVfork = !buildUser.enabled();
     pid = startProcess([&]() {
         runChild();
     });
diff --git a/src/libutil/util.cc b/src/libutil/util.cc
index bdd114c..5895e72 100644
--- a/src/libutil/util.cc
+++ b/src/libutil/util.cc
@@ -825,6 +825,9 @@ void killUser(uid_t uid)
        users to which the current process can send signals.  So we
        fork a process, switch to uid, and send a mass kill. */
 
+    ProcessOptions options;
+    options.allowVfork = false;
+
     Pid pid = startProcess([&]() {
 
         if (setuid(uid) == -1)

[Prev in Thread]

Current Thread

[Next in Thread]

332/376: Always use https to fetch the Nixpkgs channel, (continued)
- 332/376: Always use https to fetch the Nixpkgs channel, Ludovic Court�s, 2015/01/28
- 326/376: Link against perl.dll on Cygwin, Ludovic Court�s, 2015/01/28
- 324/376: Set custom compiler flags on Cygwin, Ludovic Court�s, 2015/01/28
- 325/376: Fix library handling on Cygwin, Ludovic Court�s, 2015/01/28
- 335/376: Don't use RPATH on Darwin, Ludovic Court�s, 2015/01/28
- 337/376: Revert "Use posix_spawn to run the pager", Ludovic Court�s, 2015/01/28
- 334/376: Update signing.txt, Ludovic Court�s, 2015/01/28
- 336/376: Cruft, Ludovic Court�s, 2015/01/28
- 339/376: Include cacert in the binary tarball, Ludovic Court�s, 2015/01/28
- 340/376: Rename function, Ludovic Court�s, 2015/01/28
- 342/376: Don't do vfork in conjunction with setuid, Ludovic Court�s <=
- 341/376: Use vfork, Ludovic Court�s, 2015/01/28
- 345/376: allow custom docbook paths/URLs, use a working URL for docbook.rng, Ludovic Court�s, 2015/01/28
- 344/376: Urgh, Ludovic Court�s, 2015/01/28
- 343/376: Provide default pagers, Ludovic Court�s, 2015/01/28
- 346/376: Don't use ?=, Ludovic Court�s, 2015/01/28
- 347/376: Remove canary stuff, Ludovic Court�s, 2015/01/28
- 348/376: Remove dead code, Ludovic Court�s, 2015/01/28
- 350/376: Doh, Ludovic Court�s, 2015/01/28
- 338/376: Don't wait for PID -1, Ludovic Court�s, 2015/01/28
- 352/376: Get rid of unnecessary "interrupted by the user" message with -vvv, Ludovic Court�s, 2015/01/28

Prev by Date: 340/376: Rename function
Next by Date: 341/376: Use vfork
Previous by thread: 340/376: Rename function
Next by thread: 341/376: Use vfork
Index(es):
- Date
- Thread