Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

$*USER and $*GROUP don't update when uid/gid change #4728

Open
p6rt opened this issue Nov 4, 2015 · 4 comments
Open

$*USER and $*GROUP don't update when uid/gid change #4728

p6rt opened this issue Nov 4, 2015 · 4 comments
Labels
RFC Request For Comments

Comments

@p6rt
Copy link

p6rt commented Nov 4, 2015

Migrated from rt.perl.org#126560 (status was 'open')

Searchable as RT126560$

@p6rt
Copy link
Author

p6rt commented Nov 4, 2015

From @cspencer

I recently committed the starts of a POSIX module to the p6 ecosystem and noticed that when using the POSIX​::setuid and POSIX​::setgid function calls, the $*USER and $*GROUP variables to not update as expected when program privileges change.

I have attached a sample program demonstrating this below. Note that the program must be run as root.

Here is the output on my machine​:

~$ sudo perl6 ./uid-gid.p6
$*USER reports UID as​: 0
$*GROUP reports GID as​: 0

POSIX​::getuid reports UID as​: 0
POSIX​::getgid reports GID as​: 0

Dropping privileges to 'nobody' user...

Privileges dropped.

$*USER reports UID as​: 0
$*GROUP reports GID as​: 0

POSIX​::getuid reports UID as​: 65534
POSIX​::getgid reports GID as​: 65534

@p6rt
Copy link
Author

p6rt commented Nov 4, 2015

From @cspencer

uid-gid.p6

@p6rt
Copy link
Author

p6rt commented Nov 6, 2015

From @lizmat

On 04 Nov 2015, at 01​:53, Cory Spencer (via RT) <perl6-bugs-followup@​perl.org> wrote​:

# New Ticket Created by Cory Spencer
# Please include the string​: [perl #​126560]
# in the subject line of all future correspondence about this issue.
# <URL​: https://rt-archive.perl.org/perl6/Ticket/Display.html?id=126560 >

I recently committed the starts of a POSIX module to the p6 ecosystem and noticed that when using the POSIX​::setuid and POSIX​::setgid function calls, the $*USER and $*GROUP variables to not update as expected when program privileges change.

I have attached a sample program demonstrating this below. Note that the program must be run as root.

Here is the output on my machine​:

~$ sudo perl6 ./uid-gid.p6
$*USER reports UID as​: 0
$*GROUP reports GID as​: 0

POSIX​::getuid reports UID as​: 0
POSIX​::getgid reports GID as​: 0

Dropping privileges to 'nobody' user...

Privileges dropped.

$*USER reports UID as​: 0
$*GROUP reports GID as​: 0

POSIX​::getuid reports UID as​: 65534
POSIX​::getgid reports GID as​: 65534

<uid-gid.p6>

The default implementation of $*USER and $*GROUP call an external program and parses the result at the moment. This is something you do not want to do for every access to $*USER.

I recommend that the POSIX module installs its own version of $*USER / $*GROUP handling in PROCESS​::<$USER> and PROCESS​::<$GROUP>, which can then correctly reflect changes in privileges. Something akin to​:

PROCESS​::<$USER> := POSIX​::getuid;
PROCESS​::<$GROUP> := POSIX​::getgid;

My advise​: ENOTABUG, can be closed.

Liz

@p6rt
Copy link
Author

p6rt commented Nov 6, 2015

The RT System itself - Status changed from 'new' to 'open'

@p6rt p6rt added the RFC Request For Comments label Jan 5, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
RFC Request For Comments
Projects
None yet
Development

No branches or pull requests

1 participant