Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140610210152.GN179@brightrain.aerifal.cx>
Date: Tue, 10 Jun 2014 17:01:52 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: musl 1.0.x branch

On Tue, Jun 10, 2014 at 08:19:40PM +0100, Laurent Bercot wrote:
> On 10/06/2014 18:37, Rich Felker wrote:
> >Sending the terminal fd over a socket with SCM_RIGHTS isn't
> >sufficient? If the privileged process has root, it should be able to
> >add itself to the process group of the client so that job control,
> >terminal signals, etc. work right.
> 
>  I may have missed something, but AFAICT, no, it cannot do that.
> 
>  From http://pubs.opengroup.org/onlinepubs/9699919799/functions/setpgid.html :
> 
>    setpgid() only allows the calling process to join a process group
>    already in use inside its session or create a new process group
>    whose process group ID was equal to its process ID.
> 
>  And I see nothing, not even setpgrp(), that could set the pgid to
> an arbitrary value.

It's really odd that they include that text only in the RATIONALE,
which is non-normative. Perhaps it's duplicated somewhere else? Note
that the part of the quote you cropped was (at the beginning) "To
provide tighter security," which suggests there's no reason this
condition would need to be applied to root, but maybe it is anyway.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.