Timeline for In a UID namespace, can I setuid to an unmapped UID?
Current License: CC BY-SA 3.0
6 events
| when | what | | by | license | comment |
|---|---|---|---|---|---|
| Feb 7, 2014 at 4:26 | comment | added | Sophie Swett | | I finally had the opportunity to test things, and it looks like this answer is incorrect. (Sorry if I'm beating a dead horse here.) If you run seteuid(50) without a matching substitution, overflowuid will not be substituted; instead, the call will fail with EINVAL. |
| Jan 30, 2014 at 1:23 | comment | added | Sophie Swett | | I'm not fluent in kernelese, but for what it's worth, I looked at the Linux source code, and it looks like "default to 65534" is only the behavior for mapping a uid from outside a namespace into it. If you're trying to map a uid from inside a namespace out of it, the operation simply fails with EINVAL. So this makes it look like seteuid(50) will fail, since uid 50 as seen from the inside has no mapping outside the namespace. |
| Jan 30, 2014 at 1:17 | comment | added | Sophie Swett | | You say your euid will be "still 65534". Since the program is running as uid 1000, won't its euid be 1000 as seen from the outside, and 0 as seen from the inside? If I run seteuid(50), according to you, it sounds like my euid will then be 65534 as seen from the outside. Will my euid be 50 as seen from the inside, as I'd expect? |
| Jan 21, 2014 at 13:00 | history | edited | slm♦ | CC BY-SA 3.0 | deleted 25 characters in body |
| Jan 21, 2014 at 12:47 | review | First posts | | | |
| Jan 21, 2014 at 12:55 | | | | | |
| Jan 21, 2014 at 12:30 | history | answered | etherfish | CC BY-SA 3.0 | |