Delete SCDropCaps() and all calls to it?
POSIX requires that all pthread of a process have the same uid and gid (man ntpl, man setuid). Linux implements this.
If you change the uid of one thread, the pids of all others are synchronised. In util-privs.c we have two functions:
Drops privileges for mainthread at startup and therefore for all threads.
SCDropCaps() currently does nothing (body disabled via #if 0 preprocessor macro), but gets called at several points in the code.
I would suggest to remove the function definition and its calls.
Any opinions, thoughts on this?
Updated by Richard Sailer about 6 years ago
- Target version deleted (
Victor Julien wrote:
It might actually be interesting to look at activating it. It was disabled from the start because of a bug in libcap-ng. Setting the per-thread caps instead of just the per process caps could still make sense I think.
Okay, so I will close this issue and open a new one about designing and implementing sensible per-thread capabilities (#2375). I will make it low priority and assign it to myself, but only as a "perhaps-future" tasks, because currently the whole log reopen issue is my task. Does this make sense?