> On 04 Nov 2015, at 01:53, Cory Spencer (via RT) 
> <perl6-bugs-follo...@perl.org> wrote:
> 
> # New Ticket Created by  Cory Spencer 
> # Please include the string:  [perl #126560]
> # in the subject line of all future correspondence about this issue. 
> # <URL: https://rt.perl.org/Ticket/Display.html?id=126560 >
> 
> 
> I recently committed the starts of a POSIX module to the p6 ecosystem and 
> noticed that when using the POSIX::setuid and POSIX::setgid function calls, 
> the $*USER and $*GROUP variables to not update as expected when program 
> privileges change.
> 
> I have attached a sample program demonstrating this below.  Note that the 
> program must be run as root.
> 
> Here is the output on my machine:
> 
> ~$ sudo perl6 ./uid-gid.p6
> $*USER reports UID as: 0
> $*GROUP reports GID as: 0
> 
> POSIX::getuid reports UID as: 0
> POSIX::getgid reports GID as: 0
> 
> Dropping privileges to 'nobody' user...
> 
> Privileges dropped.
> 
> $*USER reports UID as: 0
> $*GROUP reports GID as: 0
> 
> POSIX::getuid reports UID as: 65534
> POSIX::getgid reports GID as: 65534
> 
> <uid-gid.p6>

The default implementation of $*USER and $*GROUP call an external program and 
parses the result at the moment.  This is something you do not want to do for 
every access to $*USER.

I recommend that the POSIX module installs its own version of $*USER / $*GROUP 
handling in PROCESS::<$USER> and PROCESS::<$GROUP>, which can then correctly 
reflect changes in privileges.  Something akin to:

PROCESS::<$USER>  := POSIX::getuid;
PROCESS::<$GROUP> := POSIX::getgid;


My advise: ENOTABUG, can be closed.


Liz

Reply via email to