Skip Menu |
Report information
Id: 126560
Status: open
Priority: 0/
Queue: perl6

Owner: Nobody
Requestors: cspencer <cspencer [at] sprocket.org>
Cc:
AdminCc:

Severity: (no value)
Tag: (no value)
Platform: (no value)
Patch Status: (no value)
VM: (no value)



To: rakudobug [...] perl.org
Date: Tue, 3 Nov 2015 16:53:01 -0800
From: Cory Spencer <cspencer [...] sprocket.org>
Subject: $*USER and $*GROUP don't update when uid/gid change
Download (untitled) / with headers
text/plain 712b
I recently committed the starts of a POSIX module to the p6 ecosystem and noticed that when using the POSIX::setuid and POSIX::setgid function calls, the $*USER and $*GROUP variables to not update as expected when program privileges change. I have attached a sample program demonstrating this below. Note that the program must be run as root. Here is the output on my machine: ~$ sudo perl6 ./uid-gid.p6 $*USER reports UID as: 0 $*GROUP reports GID as: 0 POSIX::getuid reports UID as: 0 POSIX::getgid reports GID as: 0 Dropping privileges to 'nobody' user... Privileges dropped. $*USER reports UID as: 0 $*GROUP reports GID as: 0 POSIX::getuid reports UID as: 65534 POSIX::getgid reports GID as: 65534
Download uid-gid.p6
application/octet-stream 1k

Message body not shown because it is not plain text.

From: Elizabeth Mattijsen <liz [...] dijkmat.nl>
To: "Cory Spencer (via RT)" <perl6-bugs-followup [...] perl.org>
Date: Fri, 6 Nov 2015 10:17:44 +0100
Subject: Re: [perl #126560] $*USER and $*GROUP don't update when uid/gid change
Download (untitled) / with headers
text/plain 1.5k
Show quoted text
> On 04 Nov 2015, at 01:53, Cory Spencer (via RT) <perl6-bugs-followup@perl.org> wrote: > > # New Ticket Created by Cory Spencer > # Please include the string: [perl #126560] > # in the subject line of all future correspondence about this issue. > # <URL: https://rt.perl.org/Ticket/Display.html?id=126560 > > > > I recently committed the starts of a POSIX module to the p6 ecosystem and noticed that when using the POSIX::setuid and POSIX::setgid function calls, the $*USER and $*GROUP variables to not update as expected when program privileges change. > > I have attached a sample program demonstrating this below. Note that the program must be run as root. > > Here is the output on my machine: > > ~$ sudo perl6 ./uid-gid.p6 > $*USER reports UID as: 0 > $*GROUP reports GID as: 0 > > POSIX::getuid reports UID as: 0 > POSIX::getgid reports GID as: 0 > > Dropping privileges to 'nobody' user... > > Privileges dropped. > > $*USER reports UID as: 0 > $*GROUP reports GID as: 0 > > POSIX::getuid reports UID as: 65534 > POSIX::getgid reports GID as: 65534 > > <uid-gid.p6>
The default implementation of $*USER and $*GROUP call an external program and parses the result at the moment. This is something you do not want to do for every access to $*USER. I recommend that the POSIX module installs its own version of $*USER / $*GROUP handling in PROCESS::<$USER> and PROCESS::<$GROUP>, which can then correctly reflect changes in privileges. Something akin to: PROCESS::<$USER> := POSIX::getuid; PROCESS::<$GROUP> := POSIX::getgid; My advise: ENOTABUG, can be closed. Liz


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

For issues related to this RT instance (aka "perlbug"), please contact perlbug-admin at perl.org