Laurent,
>> Since each of these functions already enforces guardrails required to
>> keep the OS safe, what is the motivation to have the mode set to 0700
>> instead of the more permissive 0755 ?
>
> As you said, it would do no good for normal users to run these
> programs, so there's no point in giving them the necessary permissions.
The particular use case that triggered my question is that of a
unit/integration test. While s6-applyuidgid is only generally useful for
root, it has a well defined outcome which is sufficient for this
scenario (i.e. current uid == target uid, etc.).
This can allow testing as an unprivileged user, running the command
lines using s6-applyuidgid unaltered.
If s6-applyuidgid is only runnable by root, then either the test needs
to run as root, or the command lines must be conditionalised to
accommodate the test scenarios, or the case where current uid == target uid.
What do you think?
Earl
Received on Sun Jan 09 2022 - 19:13:35 CET
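Added example, not s6's code and not part of the message above: a small applyuidgid-style helper that shows why the "current uid == target uid" case Earl describes has a well-defined outcome for an unprivileged caller. POSIX guarantees that setuid(getuid()) and setgid(getgid()) succeed without privilege, while any other target needs CAP_SETUID/CAP_SETGID and fails with EPERM before anything changes. The function names (apply_uidgid, identity_is, cannot_regain_root) are hypothetical; the gid, then supplementary groups, then uid order is the conventional one for a privilege drop, since the group steps need a capability that setuid() discards.

```c
/* Added example (hypothetical names, not s6-applyuidgid's source):
 * an ordered uid/gid switch and the checks that make the
 * "target == current" case usable from an unprivileged test run. */
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Switch the calling process to uid/gid.  If gids is non-NULL the
 * supplementary group list is replaced by it (ngids == 0 clears it);
 * if gids is NULL the list is left untouched.  Returns 0 on success,
 * -1 with errno set by the first failing step.  Order matters: the
 * gid and supplementary-group steps need CAP_SETGID, which is gone
 * once setuid() has moved us to an unprivileged uid. */
int apply_uidgid(uid_t uid, gid_t gid, const gid_t *gids, size_t ngids)
{
    if (setgid(gid) == -1)
        return -1;
    if (gids != NULL && setgroups(ngids, gids) == -1)
        return -1;
    if (setuid(uid) == -1)
        return -1;
    return 0;
}

/* 1 if real and effective ids all equal the requested pair, else 0. */
int identity_is(uid_t uid, gid_t gid)
{
    return getuid() == uid && geteuid() == uid &&
           getgid() == gid && getegid() == gid;
}

/* After a drop to a non-root uid, regaining root must be impossible.
 * Returns 1 if setuid(0) is refused with EPERM, 0 otherwise. */
int cannot_regain_root(void)
{
    return setuid(0) == -1 && errno == EPERM;
}

int main(void)
{
    uid_t me = getuid();
    gid_t mygroup = getgid();

    /* The case the thread is about: target == current.  An unprivileged
     * process may always set its ids to their current real values, so
     * the outcome is the same one root would see: ids unchanged, exit 0. */
    if (apply_uidgid(me, mygroup, NULL, 0) == 0 && identity_is(me, mygroup))
        printf("uid %u gid %u: no-op switch succeeded\n",
               (unsigned)me, (unsigned)mygroup);
    else
        printf("no-op switch failed: %s\n", strerror(errno));

    /* Asking for an identity we do not already hold needs CAP_SETUID and
     * CAP_SETGID; without them the first step fails, so there is no
     * half-applied switch to reason about. */
    if (apply_uidgid(0, 0, NULL, 0) == -1)
        printf("switch to root refused: %s\n", strerror(errno));
    else
        printf("switch to root allowed (already running as root)\n");
    return 0;
}
```

Run it once as an ordinary user and once as root: the first call succeeds in both cases, which is what lets a test invoke the real command line unmodified, while the second call is refused with EPERM unless the process already has the capabilities.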