On Wed, Dec 16, 2020 at 5:11 AM Kevin Chadwick wrote:
>
> >> It is very important to be aware that programs written in Go are unable to
> >> reliably change their UID once started, due to how goroutines are
> >> implemented
> >> on unix systems. As an unavoidable consequence of this, CGI processe
>> It is very important to be aware that programs written in Go are unable to
>> reliably change their UID once started, due to how goroutines are implemented
>> on unix systems. As an unavoidable consequence of this, CGI processes started
>> by Molly Brown are run as the same user as the server pr
Even pre go1.16, while it's true that Setuid/Setgid don't work reliably in
a multi-threaded program, I don't think the conclusions they draw are
correct. You can still start CGI processes as a different user:
https://golang.org/pkg/os/exec/#Cmd.SysProcAttr
Also, while I'm not totally sure, I think
My bad ... I see too late that someone already filed an issue with the
molly-brown project about this.
https://tildegit.org/solderpunk/molly-brown/issues/16
On Wed, 16 Dec 2020 at 00:49, Russtopia wrote:
> The experimental 'Project Gemini' [https://gemini.circumlunar.space/] has
> a few server
