George Dunlap writes ("[PATCH v3 09/11] libxl: Kill QEMU with "reaper" ruid"):
> Using kill(-1) to killing an untrusted dm process with the real uid
> equal to the dm_uid isn't guaranteed to succeed: the process in
> question may be able to kill the reaper process after the setresuid()
> and before the kill().
...
> +/*
> + * Look up "reaper UID". If present and non-root, returns 0 and sets
> + * reaper_uid. Otherwise returns libxl-style error.
> + */
Might be worth mentioning that this function expects to be called in a
subprocess, for a variety of reasons including because it takes a lock.
Nevertheless,
Acked-by: Ian Jackson <[email protected]>
_______________________________________________
Xen-devel mailing list
[email protected]
https://lists.xenproject.org/mailman/listinfo/xen-devel
