Re: dropping setuid/setgid privileges, round 2

bug-gnulib

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: dropping setuid/setgid privileges, round 2

From:	Sam Steingold
Subject:	Re: dropping setuid/setgid privileges, round 2
Date:	Fri, 12 Jun 2009 16:55:01 -0400
User-agent:	Thunderbird 2.0.0.18 (X11/20081120)

Bruno Haible wrote:

* Regarding abort() vs. "return -1" - hi Sam! -, they say:
  "But while reporting failure through return values is possible, we advise
   against it, as it might leave the identity in an inconsistent state. Thus,
   when an identity change fails in the middle, programmers should either
   abort, or really know what they’re doing."


You ain't listening.
I am not saying that abort() is wrong.
I am saying that it must be accompanied by a meaningful message.
E.g, "Gnulib.drop_privileges_permanently: failed to drop privileges".
Or just "Error A23Z51DT97".

Then the user can google for the message and see what has happened, instead offiling a bug, identical (in essence) to 100s of already filed bugs - one foreach package which uses this gnulib feature.

Sam

[Prev in Thread]

Current Thread

[Next in Thread]

dropping setuid/setgid privileges, round 2, Bruno Haible, 2009/06/11
- Re: dropping setuid/setgid privileges, round 2, Sam Steingold <=
  - Re: abort() traceability, Bruno Haible, 2009/06/15
    - Re: abort() traceability, Eric Blake, 2009/06/15
    - Re: abort() traceability, Ben Pfaff, 2009/06/15
    - Re: abort() traceability, Sam Steingold, 2009/06/15
    - Re: abort() traceability, Simon Josefsson, 2009/06/15
    - Re: abort() traceability, Ben Pfaff, 2009/06/15

Prev by Date: Re: test-memchr crash
Next by Date: Re: test-memchr crash
Previous by thread: dropping setuid/setgid privileges, round 2
Next by thread: Re: abort() traceability
Index(es):
- Date
- Thread