This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author patrick.mclean
Recipients giampaolo.rodola, gregory.p.smith, izbyshev, patrick.mclean
Date 2019-02-26.23:04:20
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1551222260.33.0.459058878826.issue36046@roundup.psfhosted.org>
In-reply-to
Content 
> Thanks for your explanation. In case of a privileged process, the behavior of setreuid/setregid/setgroups does seem well-defined. But setuid/setgid change all ids (real, effective, saved) too in this case. Do you prefer setreuid/setregid because they provide stricter semantics in non-privileged processes compared to setuid/setgid? (The latter ones change the effective id only, potentially preserving the process ability to switch ids later).

Yes, exactly. The stricter semantics provide stronger security guarantees. The idea is to run code in an unprivileged context in a way that the code has no way to regain privileges.
History
Date User Action Args
2019-02-26 23:04:20patrick.mcleansetrecipients: + patrick.mclean, gregory.p.smith, giampaolo.rodola, izbyshev
2019-02-26 23:04:20patrick.mcleansetmessageid: <1551222260.33.0.459058878826.issue36046@roundup.psfhosted.org>
2019-02-26 23:04:20patrick.mcleanlinkissue36046 messages
2019-02-26 23:04:20patrick.mcleancreate