GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

LEdoian (ledoian@pleroma.ledoian.cz)'s status on Sunday, 10-Sep-2023 21:29:02 JST

  1. Embed this notice
    LEdoian (ledoian@pleroma.ledoian.cz)'s status on Sunday, 10-Sep-2023 21:29:02 JST LEdoian LEdoian
    in reply to
    • Haelwenn /элвэн/ :triskell:

    @lanodan I guess that would need to be in userspace, though. IIRC kernel does not have any idea of “appropriate runtime”, nor it wants to enforce particular choices… So maybe keep setuid(2), but allow restricting it to a specific process?

    But yeah, having a single reusable implementation for “change the user in a sane way” (possibly in libc) would be so much better, not having to think about all the other nuances like saved UIDs, groups, environment, capabilities, … (This would probably help even setuid (u+s) programs being less bug-prone.)

    (btw, the shell in /etc/passwd is IIRC completely unprivileged (tested with an interactive Python as a shell). And even though, some distributions will only allow login if using shell from /etc/shells)

    In conversation about a year ago from gnusocial.jp permalink

Feeds

  • Activity Streams
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.