Patrick McLean <[email protected]> added the comment:
> Thanks for your explanation. In case of a privileged process, the behavior of > setreuid/setregid/setgroups does seem well-defined. But setuid/setgid change > all ids (real, effective, saved) too in this case. Do you prefer > setreuid/setregid because they provide stricter semantics in non-privileged > processes compared to setuid/setgid? (The latter ones change the effective id > only, potentially preserving the process ability to switch ids later). Yes, exactly. The stricter semantics provide stronger security guarantees. The idea is to run code in an unprivileged context in a way that the code has no way to regain privileges. ---------- _______________________________________ Python tracker <[email protected]> <https://bugs.python.org/issue36046> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
