|
From: | Stefan Weil |
Subject: | Re: [Qemu-devel] [PATCH] virtfs-proxy-helper: check return code of setfsgid/setfsuid |
Date: | Wed, 10 Oct 2012 18:23:27 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux i686; rv:15.0) Gecko/20120912 Thunderbird/15.0.1 |
Am 10.10.2012 18:17, schrieb Paolo Bonzini:
Il 10/10/2012 18:14, Stefan Weil ha scritto:diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c index f9a8270..b34a84a 100644 --- a/fsdev/virtfs-proxy-helper.c +++ b/fsdev/virtfs-proxy-helper.c @@ -290,8 +290,12 @@ static int setfsugid(int uid, int gid) CAP_DAC_OVERRIDE, }; - setfsgid(gid); - setfsuid(uid); + if (setfsgid(gid) != 0) { + return -1; + }Wouldn't setfsgid(gid) == gid be also ok?Of course, it should be < 0. I have no idea how to test this thing... Paolo
< 0 would be wrong because it looks like both functions never return negative values. I just wrote a small test program (see below) and called it with different uids with and without root rights. This pattern should be fine: new_uid = setfsuid(uid); if (new_uid != 0 && new_uid != uid) { return -1; } Stefan #include <stdio.h> #include <stdlib.h> #include <unistd.h> /* glibc uses <sys/fsuid.h> */ #include <sys/fsuid.h> int main(int argc, char *argv[]) { uid_t fsuid = strtoul(argv[1], 0, 0); int r = setfsuid(fsuid); printf("setfsuid(%u) returned %u\n", fsuid, r); return 0; }
[Prev in Thread] | Current Thread | [Next in Thread] |