Date: Wed, 11 Jun 2014 02:27:57 +0100 From: Laurent Bercot <ska-dietlibc@...rnet.org> To: musl@...ts.openwall.com Subject: Re: musl 1.0.x branch On 10/06/2014 22:01, Rich Felker wrote: > It's really odd that they include that text only in the RATIONALE, > which is non-normative. Perhaps it's duplicated somewhere else? Note > that the part of the quote you cropped was (at the beginning) "To > provide tighter security," which suggests there's no reason this > condition would need to be applied to root, but maybe it is anyway. Well, in the normative sections, there's this: ERRORS The setpgid() function shall fail if: (...) [EPERM] The value of the pgid argument is valid but does not match the process ID of the process indicated by the pid argument and there is no process with a process group ID that matches the value of the pgid argument in the same session as the calling process. which translates pretty clearly to "Thou shalt not join the process group of another process lest it is of thy bloodline". No mention of privileged processes here. And even if root could do that, it would basically force the daemon to be started as root, and run some code run as root (if only to read the pgid from the client), which would be ugly since not every suid program is suid root. -- Laurent
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.