"Eric W. Biederman" ebiederm@xmission.com writes:
Instead of computing the new cred before we pass the point of no return compute the new cred just before we use it.
This allows the removal of fs_struct->in_exec and cred_guard_mutex.
I am not certain why we wanted to compute the cred for the new executable so early. Perhaps I missed something but I did not see any common errors being signaled. So I don't think we loose anything by computing the new cred later.
I should add that the permission checks happen in open_exec, everything that follows credential wise is just about representing in struct cred the credentials the new executable will have.
So I am really at a loss why we have had this complicated way of computing of computed the credentials all of these years full of time of check to time of use problems.
Eric