Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(650)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 3493012: Security patches: RestartJob ignores pid, argv[0]; kill runs as child UID (Closed)

Created:
10 years, 3 months ago by Chris Masone
Modified:
9 years, 7 months ago
Reviewers:
Will Drewry
CC:
chromium-os-reviews_chromium.org, Chris Masone
Visibility:
Public.

Description

Security patches: RestartJob ignores pid, argv[0]; kill runs as child UID BUG=chromium-os:7018 TEST=unit tests, install on device and verify that we can go to BWSI mode Change-Id: Ic5eb082bf1399d961ee8a15f0a70b8bc2039f9d3 Committed: http://chrome-svn/viewvc/chromeos?view=rev&revision=d6a119a

Patch Set 1 #

Total comments: 2

Patch Set 2 : added comments, using -1 as suid in setresuid() calls #

Unified diffs Side-by-side diffs Delta from patch set Stats (+72 lines, -22 lines) Patch
M child_job.h View 3 chunks +2 lines, -3 lines 0 comments Download
M child_job.cc View 2 chunks +8 lines, -1 line 0 comments Download
M child_job_unittest.cc View 1 chunk +2 lines, -1 line 0 comments Download
M mock_system_utils.h View 1 chunk +1 line, -1 line 0 comments Download
M session_manager_service.cc View 3 chunks +15 lines, -5 lines 0 comments Download
M session_manager_unittest.cc View 7 chunks +26 lines, -7 lines 0 comments Download
M system_utils.h View 1 1 chunk +4 lines, -1 line 0 comments Download
M system_utils.cc View 1 1 chunk +14 lines, -3 lines 0 comments Download

Messages

Total messages: 3 (0 generated)
Chris Masone
10 years, 3 months ago (2010-09-24 17:42:14 UTC) #1
Will Drewry
LGTM w/nit This is certainly better than -STOP, check /proc, -CONT, though if we do ...
10 years, 3 months ago (2010-09-24 17:48:48 UTC) #2
Chris Masone
10 years, 3 months ago (2010-09-24 17:58:45 UTC) #3 
http://codereview.chromium.org/3493012/diff/1/8
File system_utils.cc (right):

http://codereview.chromium.org/3493012/diff/1/8#newcode30
system_utils.cc:30: if (setresuid(owner, owner, suid)) {
On 2010/09/24 17:48:48, Will Drewry wrote:
> I believe suid==-1 will leave it unchanged.  That said, it's possible you were
> running as root but didn't have a suid of 0.  It might be worth doing:
> 
> getresuid(&uid, &euid, &suid);
> suid = 0;
> ...
> 
> Just to not hti any weird edge conditions if session_manager or any callers of
> this code are run in another way.

Can't force it to 0, as unit tests are run as non-root.  I'll use -1 instead of
|suid|, though

Powered by Google App Engine
This is Rietveld 408576698