Bug #21400 for Proc-UID: drop_gid_perm does not alter supplemental privileges

RT for rt.cpan.org

This queue is for tickets about the Proc-UID CPAN distribution.

Report information

The Basics

Id:	21400
Status:	new
Priority:	0/
Queue:	Proc-UID

People

Owner:	PJF [...] cpan.org
Requestors:	mgrimes [...] behrmancap.com
Cc:
AdminCc:

Bug Information

Severity:	Important
Broken in:	0.04
Fixed in:	(no value)

History Show all quoted text

Fri Sep 08 21:05:31 2006 PJF [...] cpan.org - Ticket created

Subject:

drop_gid_perm does not alter supplemental privileges

Mark Grimes discovered that when calling the drop_gid_perm() function provided by Proc::GID, supplemental groups are not dropped. This is contrary to common expectations, and may result in proceses retaining privileges they had intended to discard. Proc::UID should be modified to provided a way to drop supplemental groups. This may involve changing the behaviour of the drop_gid_perm() call.

Fri Sep 08 21:06:03 2006 PJF [...] cpan.org - Severity Critical changed to Important

Fri Sep 08 21:09:39 2006 PJF [...] cpan.org - Taken