On Saturday, August 31, 2019 at 3:14:28 PM UTC+2, Jakob Borg wrote:
>
> On 31 Aug 2019, at 12:33, Ronny Bangsund <ronny....@gmail.com
> <javascript:>> wrote:
>
>
> Digging through my vast mess of code, I found this function which sets the
> real and effective user (Setreuid) of the calling process:
> func DegradeToUser(uname string) error {
>
>
> Doesn't this suffer from the issue of only affecting the current thread on
> Linux, and hence not being safe to use from Go?
>
No idea if Setreuid() works any differently than Setuid(), but I wouldn't
rule it out. Paranoia should be the default state :)
>
> Setting the uid/gid as part of starting a child process should be safe
> though (https://golang.org/pkg/syscall/#Credential).
>
Yeah, using that with StartProcess() might be a better idea.
--
You received this message because you are subscribed to the Google Groups
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to golang-nuts+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/golang-nuts/a5a93fdf-6079-44d7-a83a-3ebc2d4080d0%40googlegroups.com.
