On 22/09/2014 14:35, Dave Reisner wrote: > Changing UID to that of 'nobody' is arbitrary at best, and an > information leak at worst. Let's just drop back to the same UID of the > invoker.
Which information is leaking? This should also fix the permission issue on file introduced by bind mounting $startdir instread of copying and have files owned by nobody. Nice patch! -- Sébastien "Seblu" Luttringer https://seblu.net | Twitter: @seblu42 GPG: 0x2072D77A
signature.asc
Description: OpenPGP digital signature