Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 78299 - pthread functions do not honor capabilities
Summary: pthread functions do not honor capabilities
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: glibc
Version: 8.0
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-11-20 22:25 UTC by Jason Baietto
Modified: 2016-11-24 14:59 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2003-04-24 05:45:49 UTC


Attachments (Terms of Use)

Description Jason Baietto 2002-11-20 22:25:57 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.6 (X11; Linux i686; U;) Gecko/20020830

Description of problem:
pthread_create() and pthread_setschedparam() do not honor capabilities  to
validate if the current user may raise the priority of the specified thread,
returning EAGAIN.  They only appear to work if the uid is root.

The following snippet comes from the library's manager.c file:

  /* First check whether we have to change the policy and if yes, whether
     we can  do this.  Normally this should be done by examining the
     return value of the __sched_setscheduler call in pthread_start_thread
     but this is hard to implement.  FIXME  */
  if (attr != NULL && attr->__schedpolicy != SCHED_OTHER && geteuid () != 0)
    return EPERM;

This code should succeed if the user has CAP_SYS_NICE capability, but obviously
it never gets that far.

Note that we are using the pam_capability module, however there are other ways
to assign permissions so this problem is not specific to that.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Assign a non-root user the CAP_SYS_NICE capability (using either the
pam_capability.so module or via the cap_set_proc call).

2. Compile and run the following program and see that it does not succeed due to
the explicit check for uid == 0:

/*
 *  Test pthread_create() with SCHED_FIFO.
 */

#include <pthread.h>
#include <unistd.h>
#include <stdio.h>
#include <errno.h>

void* thread_body(void* ptr) {
   printf("Thread %d here!\n", getpid());
   return NULL;
}

pthread_attr_t attr;
pthread_t thread_ptr;
struct sched_param param;

main() {
   int ret;
   param.sched_priority = 50;
   pthread_attr_init(&attr);
   pthread_attr_setschedpolicy(&attr, SCHED_FIFO);
   pthread_attr_setschedparam(&attr, &param);

   printf("main: before creating thread\n");
   ret = pthread_create(&thread_ptr, &attr, thread_body, NULL);
   if (ret) {
      perror("test");
      fprintf(stderr, "error: pthread_create returned %d\n", ret);
      exit(1);
   }

   printf("main: after creating thread\n");
}


Actual Results:  $ cat /proc/self/status | tail -3
CapInh: 00000000fffffeff
CapPrm: 00000000fffffeff
CapEff: 00000000fffffeff
$ ./a.out
main: before creating thread
test: Interrupted system call
error: pthread_create returned 1
$ 

Expected Results:  $ cat /proc/self/status | tail -3
CapInh: 00000000fffffeff
CapPrm: 00000000fffffeff
CapEff: 00000000fffffeff
$ ./a.out
main: before creating thread
Thread 9401 here!
main: after creating thread
$ 

Additional info:

Comment 1 Ulrich Drepper 2003-04-24 05:45:49 UTC
The code as it is works just fine for RHL since we don't support capabilities. 
So this is no problem here, or at least it would be an enhancement request.

Having said that it should be made known that LinuxThreads has reached the end
of the line.  No more features will ever be added.  Going forward only nptl is
supported  nptl current for various reasons does not provide support for
priorities etc.  If and when it gets added we will take capabilities into account.

Therefore I'm closing the bug now with WONTFIX here.


Note You need to log in before you can comment on or make changes to this bug.