Re: Not understanding the code to drop privileges in perlsec

It certainly looks redundant, I suppose (or hope) it's in order to make it work on all platforms.

Of course testing it on every platform to see why it does what it does is difficult to achieve.

Cheers Rolf
_{(addicted to the Perl Programming Language :)

see Wikisyntax for the Monastery}

Comment on Re: Not understanding the code to drop privileges in perlsec

Replies are listed 'Best First'.
Re^2: Not understanding the code to drop privileges in perlsec by afoken (Chancellor) on Feb 22, 2024 at 19:02 UTC
It certainly looks redundant, I suppose (or hope) it's in order to make it work on all platforms. Probably not. It surely should work on anything that looks like Unix / POSIX, surely on Linux and the *BSDs, probably also Mac OS X. On DOS, you permanently have full privileges, no way to drop privileges. The Win32 API works very differently (I think privileges are somehow tied to some kind of token). I have no idea how OS/2, Amiga, Risc OS, VMS, VOS, z/OS and the other platforms from perlport handle users and privileges. Alexander -- Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)	[reply]

Replies are listed 'Best First'.

Re^2: Not understanding the code to drop privileges in perlsec
by afoken (Chancellor) on Feb 22, 2024 at 19:02 UTC

It certainly looks redundant, I suppose (or hope) it's in order to make it work on all platforms.

Probably not. It surely should work on anything that looks like Unix / POSIX, surely on Linux and the *BSDs, probably also Mac OS X. On DOS, you permanently have full privileges, no way to drop privileges. The Win32 API works very differently (I think privileges are somehow tied to some kind of token). I have no idea how OS/2, Amiga, Risc OS, VMS, VOS, z/OS and the other platforms from perlport handle users and privileges.

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

[reply]