Re: WARNING: no_suid: setuid(0): (1) Operation not permitted

From: Alex Rousskov <rousskov_at_measurement-factory.com>
Date: Wed, 22 May 2013 10:29:10 -0600

On 05/22/2013 09:25 AM, Eliezer Croitoru wrote:
> On 5/22/2013 5:59 PM, Alex Rousskov wrote:
>> On 05/22/2013 07:00 AM, Amos Jeffries wrote:
>>> I had the idea that we could add a new Kid type of "Helper" and
>>> differentiate the spawned helper processes with it:
>>> http://master.squid-cache.org/~amosjeffries/patches/FreeBSD_silence_nosuid_mk1.patch

>> Identifying helper kids is a good idea in general, but I would very much
>> prefer that we at least understand what the true problem is here before
>> we mask it away. Your second January 31, 2013 email on squid-users is a
>> good summary of what needs to be investigated. Please do not suppress
>> the warning until we know why it happens and are certain that hiding it
>> is the best way forward.

> I am +1 to understand a bit the source for the problem
> Do you have any approach or direction to what can lead to it?

If you want to work on it, I recommend starting by finding answers to
the following questions:

  1a. What exactly does setuid(0) do on Linux?
  1b. What exactly does setuid(0) do on FreeBSD?
  2a. Do we need that call where it is now? Why?
  2b. Did the authors mean seteuid(0) instead?

HTH,

Alex.
Received on Wed May 22 2013 - 16:29:23 MDT

This archive was generated by hypermail 2.2.0 : Sun May 26 2013 - 12:00:11 MDT