On Fri, 5 Nov 2021 at 21:41, Samuel Thibault <samuel.thiba...@gnu.org> wrote:
> William ML Leslie, on Fri, 05 Nov 2021 21:18:50 +1100, wrote:
> > > which makes the root filesystem reauthenticate all of the
> > > processes' file descriptors.
> >
> > It seems to eliminate a rather convenient method of delegation; a
> > process opening a descriptor, forking and executing a child, and
> > dropping privileges, while retaining access to that one resource.
>
> Reauthenticating doesn't mean closing. File permissions for open are
> checked at the open step, not later on. But then there are other things
> than just opening a file, such as starting a translator, which we don't
> necessarily want to let the unprivileged-with-one-opened-file do.
>
> Samuel

I see, thank you!

--
William ML Leslie