From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/5222 Path: news.gmane.org!not-for-mail From: Rich Felker Newsgroups: gmane.linux.lib.musl.general Subject: Re: musl 1.0.x branch Date: Tue, 10 Jun 2014 17:01:52 -0400 Message-ID: <20140610210152.GN179@brightrain.aerifal.cx> References: <20140606175617.GA3914@brightrain.aerifal.cx> <20140609112352.1e7ad51e@ncopa-desktop.alpinelinux.org> <20140609200830.GK179@brightrain.aerifal.cx> <20140610094351.GE20596@example.net> <20140610160356.GL179@brightrain.aerifal.cx> <5397376B.3000300@skarnet.org> <20140610173739.GM179@brightrain.aerifal.cx> <53975A4C.5030504@skarnet.org> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1402434130 10792 80.91.229.3 (10 Jun 2014 21:02:10 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Tue, 10 Jun 2014 21:02:10 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-5227-gllmg-musl=m.gmane.org@lists.openwall.com Tue Jun 10 23:02:05 2014 Return-path: Envelope-to: gllmg-musl@plane.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by plane.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1WuTBF-0006qE-IA for gllmg-musl@plane.gmane.org; Tue, 10 Jun 2014 23:02:05 +0200 Original-Received: (qmail 17941 invoked by uid 550); 10 Jun 2014 21:02:05 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Original-Received: (qmail 17931 invoked from network); 10 Jun 2014 21:02:04 -0000 Content-Disposition: inline In-Reply-To: <53975A4C.5030504@skarnet.org> User-Agent: Mutt/1.5.21 (2010-09-15) Original-Sender: Rich Felker Xref: news.gmane.org gmane.linux.lib.musl.general:5222 Archived-At: On Tue, Jun 10, 2014 at 08:19:40PM +0100, Laurent Bercot wrote: > On 10/06/2014 18:37, Rich Felker wrote: > >Sending the terminal fd over a socket with SCM_RIGHTS isn't > >sufficient? If the privileged process has root, it should be able to > >add itself to the process group of the client so that job control, > >terminal signals, etc. work right. > > I may have missed something, but AFAICT, no, it cannot do that. > > From http://pubs.opengroup.org/onlinepubs/9699919799/functions/setpgid.html : > > setpgid() only allows the calling process to join a process group > already in use inside its session or create a new process group > whose process group ID was equal to its process ID. > > And I see nothing, not even setpgrp(), that could set the pgid to > an arbitrary value. It's really odd that they include that text only in the RATIONALE, which is non-normative. Perhaps it's duplicated somewhere else? Note that the part of the quote you cropped was (at the beginning) "To provide tighter security," which suggests there's no reason this condition would need to be applied to root, but maybe it is anyway. Rich