On Wed, Dec 14, 2011 at 02:00:49PM +0000, Emmanuel Dreyfus wrote:
> On Wed, Dec 14, 2011 at 08:55:35AM -0500, Thor Lancelot Simon wrote:
> > So, um, whoever "considers" it that way -- they understand there are
> > security implications to not doing it some other way?
>
> Not quite. But BTW, what are the security implications? The only case
> I can think of is a thread doing a file operation while another one
> does a setgroups(2). Usual filesystem semantics require the operation
> to be evaluated against older groups, but it may be evaluated with newer
> ones.

I suspect the same condition is possible with nonblocking I/O. But the most obvious problem is that this can cause a program that tries to drop privileges before doing a file operation to do so _after_ doing the file operation. There are probably several other similar issues.

Thor