unixcreds: use euid instead of uid #14
Conversation
|
I've already patched the issue with #13. What is the benefit of using euid over uid? The shim seems to have always used uid (really, just root). |
IIUC ttrpc can be used from other programs. Also, rather than checking the credential by ourselves, shouldn't we use Example: https://github.com/lxc/cgmanager/blob/8f599b54c8021f37c1eeb7394a30b9e5fd0870f9/access_checks.c#L187 |
|
@AkihiroSuda I reproduced what was already in the shim in the 1.0 for months. The documentation on what is the correct thing to use here is thin, so I don't know. |
|
For example, when a suid bit is set to a ttrpc server program, the EUID of the program corresponds to the binary file owner. cc @estesp PTAL? |
AkihiroSuda
force-pushed
the
avoid-os-user
branch
2 times, most recently
from
a8df331
to
89e62cb
Compare
|
LGTM Although i don't think we need to change the function name for this change |
|
Agree with @crosbymichael that the function name was fine; using |
|
Likewise, no need to be too verbose with the name, the intent stays the same. And agreed, EUID makes sense here |
AkihiroSuda
force-pushed
the
avoid-os-user
branch
from
89e62cb
to
234f2f7
Compare
|
reverted the function name |
|
test failure seems unrelated |
AkihiroSuda
force-pushed
the
avoid-os-user
branch
from
234f2f7
to
3e442f3
Compare
|
restarted CI and now green |
unixcreds.go
Outdated
| // UnixCredentialsFunc that will validate incoming unix connections against the | ||
| // current credentials. | ||
| // | ||
| // This is useful when using abstract sockets that are accessible by all users. | ||
| // | ||
| // This function validates the *effective* UID/GID rather than the real UID/GID. |
There was a problem hiding this comment.
Move this description to UnixSocketRequireUidGid and point to it here instead.
|
@AkihiroSuda Needs another rebase. |
AkihiroSuda
force-pushed
the
avoid-os-user
branch
from
3e442f3
to
b6a6283
Compare
|
done |
|
@AkihiroSuda Sigh. Again, pls. Sorry :( |
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
AkihiroSuda
force-pushed
the
avoid-os-user
branch
from
b6a6283
to
f2351f1
Compare
|
LGTM |
This commit also eliminates call for(EDIT: the segfault issue is already handled in #13)os/user.Current(),which segfaults when glibc is statically linkedin.
(moby/moby#29478)
Signed-off-by: Akihiro Suda suda.akihiro@lab.ntt.co.jp