Date: Fri, 02 Aug 2002 09:06:58 -0400 From: "Brian F. Feldman" <green@FreeBSD.org> To: John Baldwin <jhb@FreeBSD.org> Cc: Brian Feldman <green@FreeBSD.org>, Perforce Change Reviews <perforce@FreeBSD.org> Subject: Re: PERFORCE change 15347 for review Message-ID: <200208021306.g72D6w535383@green.bikeshed.org> In-Reply-To: Your message of "Thu, 01 Aug 2002 10:11:59 EDT." <XFMail.20020801101159.jhb@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
John Baldwin <jhb@FreeBSD.org> wrote: > > On 31-Jul-2002 Brian Feldman wrote: > > http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15347 > > > > Change 15347 by green@green_laptop_2 on 2002/07/31 14:31:24 > > > > mac_cred_canexec() no longer exists; use mac_check_vnode_exec(). > > Dropping the proc lock invalidates the credential changes and any > earlier credential changes you just made unless you ensure that the > process is single threaded before you do any of the credential > checks and before you get here. This is something that needs to be fixed by people that understand teh KSE stuff by, like you said, ensuring that the process is single-threaded here. That should be the very first thing exec does... I personally had no idea whether it should return an error, destroy all the other threads, fork off a new process surreptititiously (eek!), or whatever else could possibly be the answer for it. -- Brian Fundakowski Feldman \'[ FreeBSD ]''''''''''\ <> green@FreeBSD.org <> bfeldman@tislabs.com \ The Power to Serve! \ Opinions expressed are my own. \,,,,,,,,,,,,,,,,,,,,,,\ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208021306.g72D6w535383>