This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author patrick.mclean
Recipients giampaolo.rodola, gregory.p.smith, izbyshev, patrick.mclean
Date 2019-02-25.23:41:01
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1551138061.21.0.259266980664.issue36046@roundup.psfhosted.org>
In-reply-to
Content 
Alexey, here are my responses to your points:

1) This is intentional, this is for dropping privileges before running some (possibly untrusted) command, we do not want to leave a path for the subprocess to gain root back. If there is a subprocess that needs root for some operations, it would presumably have the ability to drop privileges itself, and would not need the python script to do it before running it.

2) While POSIX leaves it unspecified what changes are permitted for an unprivileged process, these are permitted for a privileged process, which is the main use case for this functionality. In the case the OS does not support it for an unpriviliged process, the syscall would fail with EPERM, which can be handled from the calling python code.

I am fine removing the workaround, and allowing it to fail with EPERM. Perhaps we could find another way around this for running the tests in an unprivileged environment, or just leave the test only running the EPERM case...

I could change the API to have have group= and supp_groups=  if you prefer.
History
Date User Action Args
2019-02-25 23:41:01patrick.mcleansetrecipients: + patrick.mclean, gregory.p.smith, giampaolo.rodola, izbyshev
2019-02-25 23:41:01patrick.mcleansetmessageid: <1551138061.21.0.259266980664.issue36046@roundup.psfhosted.org>
2019-02-25 23:41:01patrick.mcleanlinkissue36046 messages
2019-02-25 23:41:01patrick.mcleancreate