Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 11 Jun 2014 02:27:57 +0100
From: Laurent Bercot <>
Subject: Re: musl 1.0.x branch

On 10/06/2014 22:01, Rich Felker wrote:
> It's really odd that they include that text only in the RATIONALE,
> which is non-normative. Perhaps it's duplicated somewhere else? Note
> that the part of the quote you cropped was (at the beginning) "To
> provide tighter security," which suggests there's no reason this
> condition would need to be applied to root, but maybe it is anyway.

  Well, in the normative sections, there's this:


    The setpgid() function shall fail if:

    The value of the pgid argument is valid but does not match the
     process ID of the process indicated by the pid argument and there
     is no process with a process group ID that matches the value of
     the pgid argument in the same session as the calling process.

  which translates pretty clearly to "Thou shalt not join the process
group of another process lest it is of thy bloodline". No mention of
privileged processes here.

  And even if root could do that, it would basically force the daemon
to be started as root, and run some code run as root (if only to read
the pgid from the client), which would be ugly since not every suid
program is suid root.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.