Eric,
sorry for delay, I am on PTO, didn't read emails this week...
On 11/20, Eric W. Biederman wrote:
Instead of computing the new cred before we pass the point of no return compute the new cred just before we use it.
This allows the removal of fs_struct->in_exec and cred_guard_mutex.
I am not certain why we wanted to compute the cred for the new executable so early. Perhaps I missed something but I did not see any common errors being signaled. So I don't think we loose anything by computing the new cred later.
We gain a lot.
Yes. I LIKE your approach after a quick glance. And I swear, I thought about it too ;)
But is it correct? I don't know. I'll try to actually read your patch next week (I am on PTO untill the end of November), but I am not sure I can provide a valuable feedback.
One "obvious" problem is that, after this patch, the execing process can crash in a case when currently exec() returns an error...
Oleg.