s6-applyuidgid mode 0700

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Earl Chew <earl_chew_at_yahoo.com>
Date: Sat, 8 Jan 2022 19:54:56 -0800

AFAIU s6-applyuidgid calls setuid(2), setgid(2), and setgroups(2).

Since each of these functions already enforces guardrails required to
keep the OS safe, what is the motivation to have the mode set to 0700
instead of the more permissive 0755 ?

Earl
Received on Sun Jan 09 2022 - 04:54:56 CET

This message: [ Message body ]
Next message: Laurent Bercot: "Re: s6-applyuidgid mode 0700"
Previous message: Laurent Bercot: "Re: Propagating parent PID to ./run"
Next in thread: Laurent Bercot: "Re: s6-applyuidgid mode 0700"
Maybe reply: Laurent Bercot: "Re: s6-applyuidgid mode 0700"
Maybe reply: Johannes Nixdorf: "Re: s6-applyuidgid mode 0700"
Maybe reply: Johannes Nixdorf: "Re: s6-applyuidgid mode 0700"
Maybe reply: Laurent Bercot: "Re: s6-applyuidgid mode 0700"
Maybe reply: Earl Chew: "Re: s6-applyuidgid mode 0700"
Maybe reply: Johannes Nixdorf: "Re: s6-applyuidgid mode 0700"
Maybe reply: Laurent Bercot: "Re: s6-applyuidgid mode 0700"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

This archive was generated by hypermail 2.4.0 : Sun Jan 09 2022 - 04:55:36 CET