[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Support open-process and friends on MS-Windows

From: Mark H Weaver
Subject: Re: Support open-process and friends on MS-Windows
Date: Sat, 02 Jul 2016 19:02:08 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.0.95 (gnu/linux)

Eli Zaretskii <address@hidden> writes:
> +# define getuid()              (500) /* Local Administrator */
> +# define getgid()              (513) /* None */
> +# define setuid(u)             (0)
> +# define setgid(g)             (0)

As I've said before, I'm not comfortable with these definitions.  These
are not operations that can be safely ignored.  If we cannot do a job
that's requested of us, we should raise an exception.  We should not
make numbers up out of thin air and pass them off as fact, nor should we
claim to have successfully done a job that we are unable to do.

More to the point, we should not assume that the caller's requests are
unimportant.  Feigning success on ignored requests and fabricating
misinformation might be okay in some cases, but in other cases it is
likely to lead to security holes and other bugs.  For example, a common
pattern is to use 'setuid' to drop privileges before running some
untrusted code.  We must not silently ignore such requests.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]